CYBERSECURITY POLICY

POLICY

SA Health Protecting Services endeavours to follow cybersecurity practices and therefore has antivirus and password protection in place. We are not certified but reference ISO 27001, which is about Information technology, Security techniques, Information security management systems and Requirements.


It is understood that ISO 27001 is applied to protect their information in a systematic and cost-effective way, through the adoption of an Information Security Management System (ISMS).


It is important to protect our most valuable information and prove to customers and partners that it safeguards their data.


The goal is to protect three aspects of information:


1. Confidentiality: only the authorized persons have the right to access information.

2. Integrity: only the authorized persons can change the information.

3. Availability: the information must be accessible to authorized persons whenever it is needed.


An Information Security Management System (ISMS) is a set of rules that needs to be established in order to:


  • identify stakeholders and their expectations of the company in terms of information security

  • identify which risks exist for the information

  • define controls (safeguards) and other mitigation methods to meet the identified expectations and handle risks

  • set clear objectives on what needs to be achieved with information security

  • implement all the controls and other risk treatment methods

  • continuously measure if the implemented controls perform as expected

  • make continuous improvement to make the whole ISMS work better

however through ISO13485 Documentation controls are followed


V1 Digitally Signed by the

Authorised Representative; SB 03.05.2021


Management Representative; AA 03.05.2021


Responsible Pharmacist; SCR 03.05.2021


Responsibilities

It shall be the responsibility of the Top Management Team to establish and maintain policies and procedures and to bring these procedures into effect. It shall be the responsibility of the CEO (Licence Holder) to ensure implementation of these policies and procedures.

Revision History

Revision 1, 03.05.2021 - AA