With the rising frequency of data breaches and security threats, maintaining robust security protocols has become critical for businesses. The BS7858 security screening standard, developed by the British Standards Institution (BSI), serves as a vital tool in this regard. This standard is essential for organisations that wish to comprehensively vet individuals in secure or sensitive environments. Updated in 2020, BS7858 has expanded beyond traditional security roles to become a key standard across various industries, including finance, healthcare, IT, and more.
In this blog post, we’ll explore the basics of BS7858, covering who it applies to, the checks involved, the benefits of implementation, and its impact on your organisation. If you’re ready to have a conversation about BS7858 now, we’d be more than happy to help!
BS7858 is a British standard that outlines procedures for the security screening of personnel in positions of trust. Initially focused on pre-employment background checks within the security industry, its scope has broadened to include various sectors handling sensitive data or environments. The standard aims to mitigate the risk of employing individuals who might compromise the integrity of sensitive data, assets, or environments. The updated BS7858:2019 version, which replaced the BS7858:2012 standard, reflects ongoing improvements and its broader application across industries.
BS7858 Updates in 2020: The 2020 update not only expanded the scope and applicability but also introduced a more flexible approach to obtaining references, allowing verbal references under specific conditions. This update aimed to streamline the vetting process while maintaining thoroughness.
BS7858 is crucial for organisations employing individuals in secure environments. While originally designed for security firms, its application now extends to sectors like hospitality, events, and secure logistics. This expansion includes a broader range of roles, such as ancillary staff, contractors, and subcontractors. The standard emphasises the responsibility of top management in ensuring the effectiveness of the screening process, including when the process is outsourced. It aligns closely with other standards like the Baseline Personnel Security Standard (BPSS), providing a comprehensive benchmark that organisations can adopt. This includes screening third-party contractors to the same standards as internal employees, highlighting the importance of maintaining high security and trustworthiness across all levels of employment.
Employers may choose to partner with trusted background screening companies such as Giant Screening to implement BS7858 standards effectively. These companies provide a range of services tailored to meet the specific needs of the organisation. A standard BS7858 screening package typically includes:
Recent updates to the standard have removed the requirement for character references, allowing verbal references under certain conditions. For roles in the security sector, additional checks such as the Security Industry Authority (SIA) Licence verification may be required. While social media checks are not mandated by the standard, they can provide additional insights into a candidate's suitability for a role, provided they are conducted legally and ethically.
BS7858 can complement other standards and frameworks like Cyber Essentials and ISO/IEC 27001, which focus on information security management. This integration makes BS7858 particularly valuable for organisations aiming for comprehensive security and compliance frameworks.
While BS7858 is a British standard, it has gained recognition and adoption beyond the UK, especially in multinational companies that adhere to rigorous global security protocols. This international relevance is crucial for businesses with cross-border operations, ensuring consistent security standards globally.
Recent advancements in screening technologies, such as the use of AI and machine learning in background checks, can significantly enhance the BS7858 screening process. These technologies improve the accuracy and speed of checks, offering real-time insights and reducing human error.
Beyond the initial screening, BS7858 encourages continuous monitoring of employees in sensitive roles. This ongoing vigilance is crucial for identifying potential risks that may emerge after the initial hiring process, thus providing a more robust security posture.
The standard emphasises the importance of conducting all checks, including social media screenings, in a manner that is legally compliant and respects individual privacy rights. This is increasingly important in light of data protection regulations like GDPR, ensuring that organisations conduct their screening processes ethically and legally.
BS7858 allows for the customisation of screening packages based on the specific needs of an organisation. For instance, high-security roles might require more extensive checks compared to less sensitive positions. This flexibility ensures that the standard can be tailored to fit the specific security requirements of different industries and roles.
Implementing the BS7858 standard offers several key benefits for organisations. Firstly, it enhances security and trust by ensuring comprehensive vetting of all employees, thereby building confidence among customers, stakeholders, and the public. Secondly, the thorough screening process helps identify and mitigate potential risks, protecting the organisation from internal threats. Lastly, while BS7858 is not a legal requirement, it is widely adopted as a best practice, aiding organisations in complying with various regulatory requirements and standards.
The BS7858 standard is an integral part of a comprehensive risk management strategy. It provides a robust framework for ensuring that all personnel in sensitive or secure roles are thoroughly vetted, helping to maintain the security and integrity of the organisation. Whether you are in the security industry or any other sector handling sensitive data, BS7858 offers a reliable method for ensuring a safe and trustworthy work environment.