- Security TWENTY Home
- Women in Security Awards
A West Midlands company which investigates commercial fraud has been awarded a UK certification for protecting sensitive client data.
The Expert Investigations Group has now passed IASME certification for best practice for information security which includes the UK Government and National Cyber Security Centre’s own scheme Cyber Essentials for which the company has renewed its certification.
In May 2018 the UK like the rest of the EU brings in the new General Data Protection Regulations (GDPR). Expert Investigations founder and managing director, David Kearns said he wanted to be proactive before the new rules came in to show his support for them and help clients understand the importance of working with businesses who take the legislation seriously.
Mr Kearns, pictured, a former Warwickshire Police detective, specialising in covert intelligence gathering, said the investigations industry remains unregulated and even people with a criminal record could set up such companies. He said it was important reputable investigation businesses reassure clients their data was protected and the certifications were the best way of proving that.
He said: “We have always been aware we are dealing with sensitive data both personal and commercial and take our responsibilities very seriously. Cyber Essentials, IASME and the GDPR legislation gave us a formula, a structure which shows how we deal with the information which is gathered, documented, stored and ultimately destroyed. Our clients trust us and we value that trust. The accreditations give them and future clients the confidence to have faith in the professional way we operate and that whatever the information, personal or commercial, they can be assured we do everything we can to protect it both online and offline. ”
The company has been supported through the scheme by Leamington-based risk management specialists, Risk Evolves. Managing Director of Risk Evolves, Helen Barge said the certifications built trust between businesses and their clients at a time when cyber attacks were becoming more common.
Ms Barge said: “The new General Data Protection Regulations (GDPR) with tighter regulation will mean heavy fines for companies which do not look after their clients’ data. But rather than focus on the negative aspects of the fines, it is better for businesses to follow the lead of companies like the Expert Investigations Group, to seize the opportunity to demonstrate that they have been proactive and put steps in place to protect personal information both on and offline. We were pleased to work with the Group and support them through the certification process.”
Mr Kearns said: “Businesses often worry about having to take additional measures because they are worried it will be time consuming. SMEs simply don’t have the time. But the team at Risk Evolves walked us through the whole process step by step. It was great to have such experts on board.”