Capula Healthcare awarded BSI security certificate
- 15 January 2008
Capula Healthcare has been awarded a BSI ISO/IEC 27001 Information Security certificate, the key security requirement set by NHS Connecting for Health.
The certificate means that the company’s systems meet Connecting for Health requirements for tight security. Awarded after seven months of preparation, the certificate was assessed and certified by BSI, an external authority.
David Gumm, business continuity manager at Capula Healthcare, said: “We are delighted to be able to build on our reputation for designing and supplying quality software products and services to the healthcare sector.
“As we provide world class patient administration systems in the healthcare sector we knew we had to be totally secure. It is vital that all of our clients’ information, in particular patient identifiable data (PID), is handled securely and confidentially within the entire framework of the healthcare industry.”
Nikki Samme, marketing communications manager for BSI Management Systems said: “Capula Healthcare is one of a fast – growing number of organisations that have successfully achieved this standard. This standard is widely considered to be the most comprehensive set of security best practice controls available and encompasses everything from people to physical environment to IT systems.”
Chairman David Wilkinson said the certificate is an important development for the company: “We have achieved this due to our stringent software development procedures. Now we have the BSI seal of approval, we are raising the bar for information security in our industry. By offering an independent guarantee that we have the correct processes in place to ensure data security, we can provide an even better service to our clients.”
In preparation for ISO 27001 inspection, Capula Healthcare implemented a professional, secure and robust information security management system, which has placed it ahead of its competitors.
The company says it rigorously reviewed their procedures including: identifying information assets; assessing risk and educating staff; and ensuring it was CfH Information Governance compliant.
Links