Leading business to business health organisation, RehabWorks, has achieved certification to ISO/IEC 27001, the Information Security Management System standard from BSI.
RehabWorks began the process for implementing and certifying to ISO 27001 late 2013. It received a number of scheduled assessment visits at its Suffolk headquarters site and its other corporate locations in Scotland, Birmingham and London.
ISO 27001 helps businesses identify the risks to their information security and put in place appropriate controls to competently manage and reduce them.
Chris Humphries, Business Systems Manager for RehabWorks, said: “Achieving ISO/IEC 27001 is a fantastic acknowledgement of the work we put in as a company to ensuring our IT practices are thoroughly appropriate and secure.
“It was even more reassuring for us to learn through the process that our existing policies and procedures were already meeting a lot of the requirements, in aspects such asclient privacy, data transfer and business continuity.
“We have learned a great deal and see certification as a real plus-point when we’re submitting tenders to work with major UK businesses.”
Andy Holdcroft, award-winning CEO of RehabWorks, sees the certification as a vital part of the company’s strategy to ensure client reassurance in terms of data management.
“We are, and always have been, meticulous about how we store or convey client data and how we handle sensitive information, so gaining certification is an important reflection of that,” he said.
“We know customers expect the highest level of security from us and we are confident that is what we are able to provide – whatever the scale of their company.”
Suzanne Fribbins, Risk Management Specialist at BSI, said: “By achieving certification to ISO 27001 RehabWorks has shown it takes securing its customers valuable information assets seriously. This is testament to the hard work and dedication that has gone into taking a well thought out approach to keep information security risks under control and, provide the best possible service to its customers.
“ISO 27001 is increasingly becoming a ‘ticket to play’ and an investment that delivers true business benefits. By demonstrating compliance with this standard RehabWorks will be able to provide stakeholders and customers reassurance that their data is protected as well as meet tender requirements.”