Compliance

Our dedicated compliance and audit team have extensive knowledge and experience across all areas of Records and Information Management

Our mission

The OASIS Group is committed to complying with all relevant and applicable laws and regulations of the countries in which we operate.

As a leading Records and Information Management company, information security, compliance, integrity and trust are at the heart of our business. It is of utmost importance to us that we and our suppliers are working responsibly, ethically and in accordance with external and internal policies, procedures and standards in order to protect the information that we hold on behalf of our clients.

We are proud to be certified to various external standards including ISO 27001 (Information Security ISO 9001 (Quality), ISO 14001(Environment), PCI DSS (Payment Card Industry Data Security Standard) and Cyber Essentials.

What we do

The OASIS Compliance function has extensive knowledge and experience of risk, governance, health and safety, business continuity, audit and compliance in the Records and Information Management Industry.

We ensure that the OASIS Group complies with all legal, regulatory, internal and external standards, including health and safety, data privacy, data protection and information security. We also provide advice and guidance to the business in these disciplines.

We have an internal audit function to monitor the Group’s adherence to these standards and we facilitate external audits from our clients, independent auditors and other interested parties.

We oversee and monitor the OASIS Group’s crisis management and business continuity plans and ensure that our procedures and plans are regularly reviewed and updated to enable critical business activities to continue in the event of a disruption, incident or crisis.

We also provide advice and guidance to internal and external stakeholders on compliance matters throughout the lifecycle of our services from procurement right the way through to the servicing of our clients’ account. Our mission is to ensure that the services we provide and the information in our custody is safeguarded in accordance with internal and external standards, laws and regulations.

Trusted by clients and industry

We are committed to the security and integrity of our clients’ data

nqa ISO 9001
nqa ISO 14001
nqa ISO 27001
pci DSS Compliant

Important information

ISO Certifications

OASIS Group is certified to ISO 9001 Quality Management Systems, ISO 14001 Environmental Management Systems, ISO 27001 Information Management Systems by the NQA, a UKAS accredited certifying body. Our shredding operations are aligned to the British Standard for the Secure Destruction of Confidential Material (BS EN 15713).

We are also certified to the Payment Card Industry Data Security Standard. OASIS is audited against these standards each year which provides independent verification of our adherence to these standards.

Policies

OASIS operates an integrated management system for Quality, Environment and Information Security and our policies set out our strategies and goals for implementing these.

These policies are regularly reviewed and updated by the OASIS executive team.

Waste license and permits

OASIS is authorised to collect and dispose of waste by the Environmental Agencies of the countries in which we operate issue.

OASIS has three Waste Licenses.

Contact us

Our Group Data Protection Officer and our Compliance team will be happy to support you with any data protection or data privacy queries or requests.

Compliance team

Email: compliance@oasisgroup.com

Data Protection Officer

Sian Wright, GRCI Law:

Telephone: + 44 3338007000
Direct Dial: + 44 1353494369
Mobile:       + 44 7342718432

Email: swright@grcilaw.com