Security & Compliance
ISO 27018:2020 is part of the ISO 27000 family relating to the Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors.
The basis of this certification is to take into consideration the regulatory requirements for the protection of PII which can be applicable within the context of the information security risk environment(s) of a provider of public cloud services.
This widely-recognized international standard specifies that SHL does the following:
- Achieves compliance to PII requirements globally ensuring that we manage our data both as a data controller and a data processor to the highest standard.
- Ensure that we implement and design a suit of security controls to ensure that PII data is controlled within all legislative requirements globally.
- We have an overarching management process to ensure that the information security and privacy controls meet our needs on an ongoing basis.
SHL has certification for compliance with ISO/IEC 27018:2020 which is audited by independent third-party auditors. Our compliance with these internationally-recognized standards and code of practice is evidence of our commitment to information security and privacy at every level of our organization, and that the SHL security program is in accordance with industry-leading best practices.
This document was last updated: June 2021