ISO 27001 and HDS
Information is a valuable asset that can make or break a company. In order to be able to do business with confidence, Trustteam is keen to guarantee information security in the correct way.
ISO 27001 is the internationally known standard for Information Security Management Systems (ISMS). Such an information security management system offers an organization the freedom to grow, to innovate and to expand its customer base, knowing that all confidential data remains confidential. ISO 27001 certification demonstrates that the ISMS meets all requirements in the field of information security.
ISO 27001 AND GDPR
ISO 27001 starts from four organizational inputs: legislation and regulations, policy, stakeholders, and risks. In the legislation and regulations section, every organization operating within the scope of the GDPR is obliged to include the GDPR legislation as input in the ISO system. The GDPR legislation will also impact the other inputs in the organization such as the policy, the stakeholders, and the risks that the organization must take into account. In order to be ISO 27001 compliant in Belgium (and other countries within Europe), GDPR must be included as an essential guideline in the Information Security Management System.
Trustteam fully included GDPR in its ISO 27001 audit. On 15 April 2018 we received the ISO 27001 certificate.
A final step in data protection!
Since November, Health@work has obtained the HDS (Hébergeur de Données de Santé) certification.
This new certification underlines how seriously Trustteam takes data protection. HDS is an imperative requirement for cloud service providers that host personal medical information collected for the provision of preventive, diagnostic and other health services.
French law stipulates that any healthcare organisation - hospitals, pharmaceutical laboratories, external prevention and protection services - that processes personal medical data must use an HDS certified provider. We are therefore proud to announce that Trustteam is now compliant with the requirements of this category of service provider.
In concrete terms, the HDS requires us to take even stricter measures regarding the protection, security, confidentiality and accessibility of medical data in our data centre. These measures include strong authentication and authorisation procedures, robust backup systems and strong encryption methods. HDS also specifies mandatory requirements that must be included in contracts with the cloud service provider. These requirements apply regardless of where the data is stored. HDS certification is the ultimate step for Trustteam in protecting personal data, alongside our ISO 27001 certification.