This year Aeromed is looking to gain ISO (International Standardisation Organisation) 27001.
ISO 27001 deals with information security and the successful attainment of this accreditation would prove Aeromed has a systematic approach to handling information, that there are policies, procedures and internal monitoring in place with an IT infrastructure that protects information held on its system. Gaining this accreditation would also evidence that Aeromed takes the safeguarding of personal and/or confidential information very seriously.
Aeromed will be audited annually by an independent external auditor to ensure all standards within ISO 27001 continue to be adhered to. In addition to this, throughout the year IPRS will also run a programme of internal auditing to ensure compliance to the standard, any non-conformities will be recorded and corrective actions put in place. Aeromed will also have a Business Continuity Plan and Disaster Recovery Plan prepared to protect the day-to-day running of the business in the event of an adverse incident.
The IPRS Group is registered with the ICO (Information Commissioners Office) as a Data Processor for the Data Protection Act and Aeromed’s sister business, IPRS Health, already holds the ISO 27001 accreditation.
Any breaches of information security or data protection will be thoroughly investigated to determine the root cause along with correction and corrective actions. All incidents will be recorded centrally.
If you have any questions around the ISO 27001 accreditation, please don’t hesitate to contact us.