Clinical Social Networking Platform DocCom Achieves Key ISO 27001 Information Security Certification
21 May 2013
DocCom, provider of the first cloud-based enterprise social networking platform exclusively for healthcare, today announces that it has achieved the ISO 27001 standard for its suite of hospital collaboration products – ensuring that clinicians are guaranteed the highest possible information security management standards for any personal, clinical and operational information shared within the DocCom network. DocCom earned the prestigious accreditation following a rigorous external assessment process.
The internationally-recognized ISO 27001 standard demands that companies adhere to robust control disciplines spanning areas including risk management, security, business continuity management and compliance. Gaining ISO 27001 certification involves passing over 100 stringent checks and balances, and is the benchmark information management standard.
DocCom’s Co-founder and Medical Director Dr Jonathan Bloor comments: “Gaining ISO 27001 certification is a key milestone for DocCom in our ambition to make healthcare a safer and more efficient place through better communication and collaboration. Improved communication delivers transformative benefits to healthcare teams and organizations – saving both lives and money – but information governance remains of paramount importance for clinicians, patients and organizations alike. We have now been recognized as meeting the industry’s highest information security management standards.”
Neil O’Connor, Managing Director from Activity, specialists in information security, says: “The recognition of ISO 27001 certification is a major attainment for any organization, and DocCom’s certification underlines its commitment to approved security structures to protect data. We congratulate DocCom on its achievement.”
The certification process examines all aspects of DocCom’s business and operations, from user front-end interfaces through to back office systems, focusing on the security of data, documents and messages. According to industry experts, most data breaches are not caused by hackers, but by bad business processes and policies – human error rather than malicious activity. A key part of the ISO assessment process is therefore to verify the security of processes across the entire company, including data handling and disposal, user access rights and even office access.
DocCom’s certification encompasses its total service provision and back office functions that enable DocCom’s cloud-based enterprise service for the communication of personal, operational and clinical data within healthcare.
“Many cloud software vendors say that their product is hosted in an ISO-certified data centre, yet the company itself is not ISO 27001 certified. This is a subtle yet important difference as it is most often the company’s internal governance processes that are the weakest point. Our ISO certification demonstrates our commitment to the safety of information entrusted to us by healthcare communities and delivering banking-grade security within a healthcare environment,” adds Dr Bloor.
Founded by doctors, DocCom is harnessing the very best social and enterprise networking technology and applying it to the unique requirements of healthcare professionals – empowering healthcare teams to securely find, collaborate, communicate and share with each other effectively, and giving healthcare organizations the tools and insight to solve specific business problems.