BM TRADA awards NHS organization with ISO 27001 certification
LONDON, UK – July 24, 2020 – BM TRADA, part of the Element Group, has awarded NHS Greater Manchester Shared Services (GMSS) with ISO 27001 Information security management certification.
A partner in the health and care system, supporting GPs, Clinical Commissioning Groups and NHS Foundation Trusts in Greater Manchester, GMSS is one of the first NHS organizations to achieve this level of security certification.
GMSS has been working with BM TRADA for 18 months to achieve ISO 27001: an information security management system (ISMS), which outlines a framework of policies and procedures to mitigate the risk of a security breach.
The GMSS IT team worked closely with BM TRADA to identify all online and physical security risks, determine the mitigations, and establish an ISMS. ISO 27001 certification requires a focused effort to identify all potential data security risks. The process includes a detailed gap analysis, training sessions, risk assessment and two audits.
Phil Scott, IT Security Manager at GMSS explains:
“There have been a number of major data breaches in the healthcare industry, which highlighted the vulnerability of the NHS to cyber-attacks. We wanted to reassure our customers that we were committed to keeping data safe and leading the way in cyber security, so ISO 27001 certification was the clear choice.”
“The last few months have truly demonstrated the value of ISO 27001. With a business continuity management system and risk assessment framework in place, we started planning for COVID-19 much earlier than most, which generated excellent results for our customers. By the time lockdown was announced, we had a process in place to act immediately. All 350 employees could work from home safely the following day and all 13,000 of our service-users continued to receive IT services and support. Businesses who needed support most urgently at this incredibly challenging time were able to continue to work seamlessly. The feedback we received from customers was overwhelmingly positive.”
Rob Veitch, EVP Fire and Building Products at Element adds:
“This is a remarkable achievement for GMSS, which is proving itself to be a leader in information security management in the healthcare industry. Becoming certified to ISO 27001 demonstrates that an organisation has been assessed at a globally-recognised standard and has assessed its risks and incorporated procedures to protect its information.”
“With a significant rise in people working from home due to COVID-19, cyber security is open to more breaches than ever before. As businesses re-consider the safety of their workplaces, it is imperative that they also pay extra attention to the safety of the data that they hold.”
Covering more than just IT and cyber security, ISO 27001 certification provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an ISMS, and covers all aspects of an organisation’s information risk management process.
Using a UKAS-accredited certification body like BM TRADA ensures the ISO 27001 certification will be readily accepted by many regulators, suppliers and purchasers across the world.
About BM TRADA
BM TRADA, part of the Element Group, specializes in providing a comprehensive range of independent testing, inspection, certification, technical and training services. We help organizations to demonstrate their business and product credentials and to improve performance and compliance.
We exist to help our customers to make certain that the management systems, supply chain and product certification schemes they operate are compliant and fit for purpose.
Element is one of the world’s leading independent providers of materials and product qualification testing, inspection and certification services to the global Aerospace; Transportation & Industrials; Energy; and Fire & Building Products sectors, where failure in service is simply not an option.
We exist to help our customers make certain that their materials, products and systems are safe, quality, compliant and ultimately fit for purpose, leveraging almost 200 years of testing experience and our global testing capabilities.
On December 31, 2019 Element acquired PCTEST and announced the creation of a fifth sector – Connected Technologies – to provide leading global technology customers with wireless device and application testing and certification services.
Catherine Macleod, Marketing Executive
T: +44 (0) 1494 569 684
Holly Russell, Pagoda Public Relations
T: +44 (0) 785 066 2849