Compliance at BSI
The best possible security for your data. Since 1996.
Trust is good. Control is better. BSI firmly believes that trust is essential, but responsibility and control are as well. On this page you can find information relating to privacy and data protection.
ISO 27001 applies to organizations' information security. It sets out the requirements for a documented information security management system. BSI complies with this standard in full. The entire company and all of its services fall under it. The certification is valid for three years at a time.
ISAE 3402 Typ II
ISAE 3402 is the internationally recognized audit standard for auditing outsourcing providers' internal control systems. The certificate includes information regarding the efficacy of the internal controls that have been outsourced to a provider. BSI has its Cloud service audited in accordance with ISAE 3402 every year.
GxP stands for "Good x Practice", and refers to all of the guidelines for good work practice that are of particular relevance in the fields of medicine, pharmaceuticals and pharmaceutical chemicals. BSI Life Sciences follows GxP methods and best practices.
Data protection: BSI Global Privacy
Not only do we protect our own personal data, but also those of our business partners and customers, as well as data that we process on their behalf. BSI operates on the basis of and in accordance with GDPR, the Swiss Data Protection Act, the Swiss Data Protection Ordinance, and the recommendations of the Swiss Federal Data Protection and Information Commissioner.
Data Fairness Label
The SWISS INSIGHTS Data Fairness Label helps companies deal with data (sets) in a structured manner, and to document their processes with transparency. Recipients of the label commit to the transparent handling of data, and encourage their employees to actively engage with the topic of digital ethics.