07th March 2009 ISO 27001 – what does that mean?

With frequent media stories of documents and dossiers left in taxis, and laptops either stolen from cars and pubs or forgotten on trains, it’s small wonder that the man in the street is concerned that his details are falling into the wrong hands. And no-one could agree more than FirstCare that sensitive personal information must be securely kept.

From our earliest days we set up stringent safeguards and systems that would ensure that the personal details we hold, such as home addresses, employee numbers, dates of birth and telephone numbers, were safe from prying eyes. This is especially important the longer we work with a client, gradually accumulating limited medical histories on large numbers of employees, so we’ve never let up on being vigilant.

It was a logical next step for FirstCare, therefore, to apply for ISO 27001 accreditation, the international Information Security Management System (ISMS) standard published in October 2005 by the International Organisation for Standardisation (ISO) and the International Electrotechnical Commission (IEC). ISO 27001 sets an internationally recognised Standard of Accreditation for the establishment and maintenance of an effective information management system, with efficient and secure working practices and a commitment to continual improvement.

Gaining it endorses our ethical approach to data management, and we see the ISO standard as an additional reassurance. We have in place a continual cycle of review and revision of our systems, to ensure we surpass all our legal obligations and stay up to date on all the issues surrounding data security. Our clients can rest easy knowing that we start 2009 as the only UK absence management organisation with ISO 27001.