ISO 27001 recertification: what it means for us and our partners
Information security and information governance are core to what we do at On The Mend, and we remain committed to operating to the highest industry standards.
The ISO/IEC 27001 Standard is a globally recognised standard that helps organisations manage their Information Security controls.
Our recent recertification to this standard reinforces our commitment to putting strong data security standards at the heart of our business.
Strong information security gives us a competitive advantage
Achieving UKAS-accredited certification to ISO 27001 last year has allowed us to provide independent assurance to patients, healthcare professionals and the wider healthcare industry that we have appropriate Confidentiality, Integrity and Availability controls in place.
It has also given us a vital edge over competitors who might not adhere to such standards.
For the past two years, we have been working with Teamwork IMS to ensure our Information Security Management processes adhere to the requirements of the ISO 27001 Standard.
This collaboration has resulted in a versatile plan to implement the controls needed for us to ensure ongoing compliance and achieve UKAS-accredited ISO 27001 certification.
ISO 27001 certification is for life, not just for Christmas
Achieving certification means we have demonstrated that we have in place systematic processes for managing data and information risks, an Information Security Management System with roles assigned across our leadership team, as well as an internal evaluation carried out against these processes and controls.
And it doesn't just stop with having these systems and processes in place; we have also implemented a range of security controls to ensure we continue to achieve these requirements over the life of the business.
These controls cover a wide range of areas from having a set of policies and procedures that reflect the activities of the business, with responsibilities for specific tasks assigned to each member of the leadership team, to ensuring all contractors understand their responsibilities in relation to data security.
Communication is key to data security
Internal communications and access control are also strictly applied to avoid any leakage of information or inappropriate access to potentially sensitive data.
Business continuity management minimises the impact of any possible business interruptions, while system acquisition, development and maintenance establish security as a core part of the development lifecycle.
Creating a strong culture
Achieving ISO 27001 certification and recertification, and ensuring ongoing compliance with such industry standards, allows our senior leadership team to embed a strong culture of information security and information governance.
Ultimately, this creates a strong foundation on which to build a successful health technology company with big ambitions to use big data to help drive new insights for the wider healthcare industry.
So, ISO 27001 certification benefits us and our industry partners.
If you would like to find out how On The Mend can help bring digital transformation to your organisation, then please don't hesitate to get in touch with our team.
Have a great day!