It is crucial that PHIN adheres to the highest levels of information governance (IG), and the secure management of data and information is a central part of that. ISO 27001 certification gives us and our members the assurance that our data management is secure and robust.
ISO 27001 is a systematic approach to managing sensitive company information so that it remains secure. It covers people, processes and IT systems by applying a risk management process. PHIN were assessed on 29 June 2016 and received certification on 10 August 2016.
What is ISO 27001?
Feedback from the assessment confirmed we have a robust approach, but there are always areas for continual improvement, which we have taken on board. In line with normal procedures, final certification is expected by the end of July 2016.
What does this mean for PHIN and members?
The business benefits of ISO 27001 certification are considerable. Not only do these standards help ensure that security risks are managed, but adherence to the standards sends an important message to our members and stakeholders. ISO 27001 plays an important role in the monitoring, review, maintenance and improvement of our information security management system.
We hope ISO 27001 certification will give our members a greater degree of confidence and trust in PHIN’s information governance - that data is secure and confidentiality is upheld.
You can download our certification here. For more information on ISO 27001, please visit the ISO website.