The ISO 27001 standard is an organizational information security management model that employs appropriate means to protect and effectively manage the organization’s sensitive information.
The ISO 27799 standard adds information and special requirements to the information security management of healthcare organizations that manage medical records, and employs appropriate means to protect the sensitive medical information of the company’s customers.
HIPAA (the Health Insurance Portability and Accountability Act) is an American law that has been adopted in Europe, including Israel, for information security management at healthcare companies. It applies to healthcare organizations and their suppliers and subcontractors. The standard protects medical information through processes and controls such as risk management.
The ISO 27005 standard establishes guidelines for the management of organizational information security risks. This standard complies with the general concepts detailed in ISO 27001 and is designed to assist in the proper implementation of information security based on a risk management approach.
The process begins with meetings with key people at your organization to learn your work processes. A consultant from our company characterizes the work processes, develops the procedures, work instructions and forms, and, in cooperation with the organization’s personnel, identifies the information security risks. The procedures developed are then approved by a representative of the organization’s management. Once the procedures have been approved, we help you implement them. The integration process may include, according to your needs, training, internal audits, preparation for and participation in a quality management review, and more. We guarantee that at the end of the consultancy process, you will successfully pass an objective audit by one of the organizations authorized to examine compliance with the standard in Israel.