
Why is ISO Certification Important?
New risks and cybercrimes are constantly emerging and are increasing in severity. Medical facilities are being attacked by ransomware, financial institutions are having client information stolen, individuals are falling victim to internet scams, and much more. ISO certification starts by having an organization map out all of its risks with respect to its data and its quality system, and then sets standards that must be followed to mitigate those risks. And when an organization is ISO 27001 certified, its data, software, network, operations and equipment will be resilient and safe. Anyone doing business with an ISO 27001 certified organization can trust that their data is protected and that the organization’s systems are strong and reliable. This is especially important in healthcare settings where patient data needs to be protected and secure.
Certified To A Higher Standard
Case Medical was ISO 9001 certified nearly three decades ago and subsequently ISO 13845 certified nearly 20 years ago. Being compliant with the highest regulatory quality standards is good for our company, good for our customers, and good for patients. Last Friday, Case Medical successfully completed an external audit that re-certified our ISMS system to the most recent version of ISO 27001. Meeting the higher version of the standard also necessitated the installation of new network and computer monitoring tools, moving the ISMS system to a cloud platform, and greatly expanding the detail in the documentation that governs how the standard is applied. Long story short, Case Medical meets the highest standard in data security available and our new ISO 27001 certification is proof.


What is ISO 27001?
It is the world’s best known standard for information security management systems. It sets requirements and provides guidelines for implementing, maintaining, and continuously improving an information security management system. Meeting the requirements of the standard means that an organization has put in place a system to manage the risks related to the security of its data, and that the system respects all the best practices and principles of the standard. ISO 27001 promotes a holistic approach to information security, vetting people, policies, and technology. Software and IT systems that conform to this standard have superior risk management, cyber-resilience, and operational excellence.
CaseTrak360 and ISO 27001
Since 2016, CaseTrak360 has been ISO 27001 certified. This means that since that time, all development has been secure, all servers are safe/resilient, and all data is protected. This translates into CaseTrak360 being an incredibly tough and reliable program that is virtually immune to cyber security risks. CaseTrak360 will not be taken out by ransomware, and there is no feasible way that a hacker could extract data from it. Users of CaseTrak360 can be confident that when they need to use the software, it will work, regardless of the conditions of their own local network. Given that CaseTrak360 is a medical application, this reliability is extremely important, especially given the increased cyber-attacks on medical facilities. Furthermore, CaseTrak360 is audited annually by a third-party auditor to ensure that it is maintaining the rigorous requirements of the ISO 27001 standard.


ISO 27001 and Case Medical
Case Medical, the company behind CaseTrak360, is making the transition to the ISO 27001 standard. This means that the requirements of the standard will apply to every facet of the business, and not just to CaseTrak360. This makes sense given that Case Medical manages data relating to the products we manufacture, our employees, accounting, our customers, and other critical data that must be protected. Applying ISO 27001 to the entire company means that all of this data will be safe, as all risks associated with it will be analyzed and procedures will be crafted according to the standard to defend it. Customers of Case Medical can be confident that they are transacting with a company that is meeting the highest standards for data security and their data is at minimal risk. In our modern era of high cybercrime and risk, it is a necessity to follow standards like ISO 27001 to keep data protected and resilient.