I was delighted to be joined by one of our ISO Support Plan clients, Optimum on the ISO show this week. Optimum is part of Totally Group Plc and an important player in the healthcare sector in the UK.
Huge volumes of sensitive data are processed in the healthcare sector. As Information Governance Lead and a qualified Physiotherapist at Optimum, David Angove explains about keeping one step ahead in his role in relation to information security.
David described how Optimum’s ISMS should be like a well-fitted suit rather than a straight-jacket. This all stems from the robust Risk Assessment which considers all risks to your business, including managing the integrity of data. The ISMS helped to put a continual improvement plan in place to mitigate risk. He explains about preventing access to private information through documenting controls and applying them to all 20 Optimum clinics. Examples include physical security controls i.e. locking screens to protect patient data. Other controls relating to personnel security include having a starters and leavers process to ensure access rights are granted correctly, and that access rights are revoked when an employee leaves the organisation.
ISO 27001 also helped with preparation for GDPR compliance, particularly with investigating all aspects of where and how data is stored within the company. When I asked what top tips he’d give to a company looking to implement ISO 27001 David recommended getting assistance from a consultancy such as Blackmores (we hadn’t paid him to say that, I promise!), including support with the assessment, as the consultant will ‘know the standards inside-out’.
David also recommends a gripping read, ‘Ghost in the wire’s: My adventures as the words most wanted hacker’ by author Kevin Mitnik which covers how he hacked into some of the country’s most powerful – and seemingly impenetrable – agencies and companies using social engineering and other methods. This acts as a good reminder about the value of Penetration Testing, to test how good the security of your business is and to understand that everyone is aware of your systems.
He mentioned that you can have the fanciest encryption systems and the best passwords, but if the people answering the phones or processing data aren’t aware of them, then its only as good as the weakest link.
To For an overview of what ISO 27001 entails check out our latest ISO 27001 video….
And for services in this area – check out – ISO Steps to success, or if your ISMS is like a straight-jacket rather than a well-fitted suit, our ISO support Plan will help you into an Armani equivalent ISMS for your business.
To help out the ISO Show:
- Share the ISO Show on twitter or Linkedin
- Leave an honest review on iTunes or Soundcloudh. Your ratings and reviews really help and I read each one.
- Subscribe on iTunes.
Special thanks to David Angove from Optimum for joining me this week. Until next time!
Our 7 Steps to Success
The Blackmores ISO Roadmap is a proven path to go from idea to launching your ISO Management System.
Whether you choose to work with one of our isologist consultants or work your own way through the process on our isology Hub, we’re certain you’ll achieve certification in no time!
What our clients have to say
The support and advise I get from our assigned auditors is immense. Forward planning for the following year is great and they are flexible and always willing to help.
“Blackmores have assisted us almost since the start of our adoption of the ISO 9001 quality standard. Their input has improved our processes since the start, and enabled our goal of continuous improvement to be achieved. The people are also extremely easy to get on with, and they really understand our business, giving us a great deal of confidence in their advice.”
“Blackmores are the perfect bridge between working on your ISO as an individual or company, to being audited each year. We find that any queries we have are covered and we feel sure that we have everything as needs be before going into an external audit.”
“We have been extremely impressed with the service and support provided by Blackmores. There knowledge and assistance through out our ISO journey has been amazing!”
“Blackmores have really kept us on our toes with the broad scope and level of detail they apply to our internal audit schedule. They always stay abreast of ISO standard changes and help us to adapt our processes and documents to embrace these changes accordingly. Having Blackmores shadow our external audits provides invaluable confidence and peace of mind – would highly recommend their services!”
“Our ISO 27001 certification project has gone so well, that there was no doubt in who we were going to ask to help us with our aspirations of becoming ISO 14001 certified. It’s been an absolute pleasure working with Blackmores, and we are really looking forward to working with them for the foreseeable future.”
Trusted by leading organisations across all sectors, we support companies of all sizes in any location.
Listen to our Podcast
Welcome to the ISO Show podcast, dispelling myths and sharing tips for success to improve your business with ISO Standards. Join us to hear interviews with successful business leaders as they share their ISO journey with you.
Get top tips via audio master classes “ISO Steps to Success” on the most popular ISO Standards.