SmartMed has managed to obtain its ISO 27001 certification barely two years after it was founded. Every day the professionals of SmartMed are working on the further development of the SmartMed Med Med Medication Management System.
What is the relationship between "Patient Central" and ISO 27001 certification for SmartMed?
From the beginning Alfred Godeke, founder and CEO of SmartMed, has defined a number of strict principles for his company. The most important of these are:
The best test for SmartMed to show that they had their affairs well done internally was to apply for ISO 27001 certification. Many companies have preceded them in this and any company that has eventually succeeded in obtaining this certification will agree that it is an enormously challenging exercise to meet all the small and large conditions that eventually lead to the formal certification.
Information security is becoming increasingly important in Europe, especially in the field of information management in healthcare. With this, the importance of the internationally recognized standard for information security is also increasing.
SmartMed started the ISO 27001 certification process in February 2018. All processes have been scrutinized and, if desired, adapted and documented. In most cases we already worked in a very safe way. Informal processes and agreements have been formalized, whereby it was noticed that hardly any major business changes were necessary.
The General Data Protection Regulation (AVG) is the new legislation on information security that came into force on 25 May 2018. The law imposes stricter requirements on the way companies handle information. Partly due to the high level of information security, SmartMed already complied with AVG/GDPR standards six months before this legislation came into force.
"Even though we are now proud of the result achieved, we must remain sharp and continue to optimize our processes" says Ywe ten Kate, Security Manager at SmartMed. "The process is not over for us. We use the ISO 27001 to continue to improve our organization. There is always room for improvement. That's why SmartMed already complies with all important guidelines and principles of the NEN7510 and NEN 7513 standards". Because SmartMed uses the "Security by design" techniques in the development of its applications, information security is not a "separate" module of our software, but all standards and requirements mentioned in the NEN7513 are used as a starting point in the "design" phase of SmartMed.
With SmartMed the well secured medication monitoring is in good hands from the patient's perspective. Wherever the patient is in the "Care Chain", the SmartMed medication management application always has direct access to the current medication overview of the patient. Because SmartMed is multimedia developed, SmartMed offers the patient the possibility to access all available medication information on any information medium, regardless of time or place. SmartMed guarantees that in the year 2018 patients can access their AMO (Current Medication Overview) anytime and anywhere in an ultra secure way.