Safe Effective Quality Occupational Health Service (SEQOHS) accreditation is the formal recognition that an occupational health service provider has demonstrated it has the competence to deliver against the measures in the SEQOHS standards.
Dame Carol Black’s review of the health of Britain’s working-age population, Working for a Healthier Tomorrow published in March 2008, advocated clear standards of practice and formal accreditation of all providers who support people of working age. The Government’s response to the review, improving health and work: changing lives, endorsed that recommendation.
In response to this, a broad stakeholder group led by the Faculty of Occupational Medicine developed standards and accreditation for Occupational Health Services. The standards were launched as SEQOHS in January 2010 and the accreditation scheme was launched in December 2010.
SEQOHS or Safe Effective Quality Occupational Health Service is a set of standards and a process of voluntary accreditation that aims to help raise the overall standard of care provided by occupational health services, thus helping to make a meaningful difference to the health of people of working age.
Formerly known as Link-up, The Railway Industry Supplier Qualification Scheme (RISQS) is the supplier pre-qualification service used by buyers of all products and services throughout the UK rail industry, including Network Rail and London Underground. This provides the industry with ownership and governance of its supplier qualification arrangements.
RISQS supports Network Rail and Transport for London (TFL) in managing their supply chain risk. The RISQS scheme is industry-owned, governed, and sponsored by a committee of representatives from across the rail industry.
Certification is provided for under Article 42 UK GDPR. It offers a way for organisations to demonstrate compliance with data protection rules by meeting the standards set out in the certification scheme. To obtain the certification controllers and processors must make binding and enforceable commitments to the certification bodies. The UK GDPR states that certification is a means to demonstrate appropriate technical and organisational measures, compliance with provisions on data protection by design and default as well as a means to support international transfers of personal data. Scheme criteria can be developed by organisations with expertise in a particular area or it can be more general.
Data controllers can choose to build a requirement for certification schemes into their vendor specification to ensure their data processors or sub-processors are being measured against ICO-approved criteria.
Certification bodies will keep a publicly available directory of organisations that achieved certification and will publish a summary of the certification criteria, the evaluation methods and the results of tests conducted. Certification is valid for a maximum of three years subject to regular reviews. If the criteria of the certification scheme are no longer met, the certification can be withdrawn