Client Challenge
Established in 2001, ezCaretech is a leading electronic health record (EHR) platform business headquartered in South Korea, which provides medical information technology systems to hospitals to help them store and access, including patient information and electronic medical records.
Wonryang Wee, CEO at ezCaretech said: “Our hospital information system solutions are designed so medical staff can access patient information easily, at any time and from anywhere. This gives them a better understanding of a patient’s medical history and current condition which helps them make informed decisions. It is critical that this information can be accessed without risk to patient data being exposed which is why information security is of utmost priority to us and our customers.”
As customer data hold a plethora of sensitive information, it was essential for ezCaretech to demonstrate to their customers that they have the highest levels of security policy in place.
How we helped
LRQA assessed ezCaretech against ISO 27001 and CSA STAR, which demonstrates that the company’s cloud computing networks and software effectively manage security risks.
Certification to ISO 27001 means a company has implemented systems, controls and procedures to protect the information it holds, minimise risk and ensure information can be recovered quickly even in the event of a security breach or natural disaster.
“ISO 27001 compliance indicates that an organisation that is certified has been through a rigorous independent audit process and has demonstrated its ability to meet the stringent requirements of this standard,” said Rob Acker, Technical Manager, Information Security and Business Continuity at LRQA.
CSA STAR certification shows potential customers that ezCaretech’s cloud-based hospital information system is reliable and trustworthy, offering a competitive advantage to the company.
Result
As well as increasing their footprint in the domestic market, ezCaretech also aims to further expand overseas and add to a portfolio that includes the USA, Saudi, Arabia and Dubai. As such, gaining a certified Information Security Management System (ISMS) would give them a distinct advantage in attracting new customers and enhancing current customer trust.
“We decided to choose a global, independent auditing business that really understood our industry and the process we’ve been through to reach certification has helped us to develop a security management framework that works for our business in practice not just in theory,” said Wonryang Wee.