Health Metrics earns globally recognised ISO 27001 Certification for Information Security Management.


Health Metrics has obtained ISO 27001 certification, an internationally recognised standard for Information Security Management Systems. Our certification applies at both the company level and for our eCase aged and disability care platform in both Australia and New Zealand.

What is ISO 27001?

The ISO 27001 Information Security Management Systems Standard aligns organisations with global best practice for information security management. It ensures organisations adhere to a robust and practical framework for improving information security, focusing on preserving the confidentiality, integrity and availability of information.

Certification at All Levels

We have achieved certification at both the product and company level. ISO 27001 certification is a significant undertaking, involving the implementation of rigorous controls to safeguard against data breaches and cyber threats, ensuring the confidentiality, integrity, and availability of your data.

Independent Audit

The certification process was conducted by an independent third party who completed a comprehensive audit of our security practices. DNV, an independent technical services provider, worked with our team to ensure our policies, procedures, and controls are fully aligned with international standards.

“Achieving ISO 27001 certification represents a significant milestone for the security stance at Health Metrics. The industry now expects technology vendors to be ISO 27001 certified at both a company and a platform level.

Technology leaders such as Health Metrics must be certified at both levels. If you are using a technology vendor to store sensitive client data without this certification, you need to switch technology providers unless you have a high risk tolerance to security breaches. This certification demonstrates our commitment to the information security of the data entrusted to us.

By adhering to the requirements of ISO 27001, we are ensuring the protection of client personal and health data and demonstrating to our customers that they can have full confidence in the security of our products and services.”

Paul Brindle | CEO, Health Metrics

What are the Key Benefits of ISO 27001?

For aged and disability care providers, this certification means clients’ personal and health information is managed within a best-practice security framework, reducing the risk of data breaches. It also ensures compliance with regulatory requirements, giving providers confidence and peace of mind to focus on delivering quality care.

Enhanced Data Security

ISO 27001 ensures we handle information security risks effectively, safeguarding your sensitive client data and maintaining confidentiality, integrity, and availability. This demonstrates our commitment to securing your data and protecting your residents’ personal and medical information from potential threats.

Optimised Risk Management

ISO 27001 promotes identifying, assessing, and mitigating risks, reducing the likelihood and impact of security incidents. By implementing these robust security controls, we provide you with peace of mind, knowing that your data is in safe hands and that we are proactive in preventing breaches.

Increased Reliability of Operations

Our certification helps us maintain critical operations during disruptions, minimising downtime and ensuring our systems are always available. This reliability means you can continue to deliver uninterrupted care services, confident that our systems will support you even in times of crisis.

Ongoing Improvement

Regular reviews and updates mandated by ISO 27001 help us stay ahead of emerging threats and technological advancements. This continuous improvement ensures that we provide you with the most up-to-date and secure solutions, reinforcing our dedication to maintaining the highest standards in data security.

Alignment with the Government’s Aged Care Data and Digital Strategy 2024-2029

The Australian Government’s “Aged Care Data and Digital Strategy 2024-2029” highlights the importance of secure and reliable data sharing to support a sustainable and continually improving aged care system.

One of the key strategy outcomes is to ensure: “Data is shared and reused securely to deliver a sustainable and continually improving aged care system.” To support this, the strategy emphasises the requirement for improving security and access control.

ISO 27001 certification aligns strongly with this government priority by ensuring that data and digital technologies are protected, and that access is controlled. Our commitment to ISO 27001 means we are dedicated to providing secure, reliable, and compliant data management.

By developing a culture of security and stringent access controls, we ensure that aged care information is protected from emerging risks, thus supporting the government’s vision of a secure and continually improving aged care system.

Our Commitment to Security

We remain committed to maintaining and improving our security measures to support and protect your operations. As part of this commitment, we continually deliver software updates to address any security vulnerabilities identified by our regular third-party penetration testing activities.

In addition, we have recently partnered with Arctic Wolf, a leading company in the cyber security space, to provide us with best-in-class Security Operations capability. Arctic Wolf’s expertise further enhances our ability to detect, respond to, and mitigate cyber threats, ensuring that your data is protected with the highest level of security.

