Data Protection Day: patient safety on the digital highway
On January 28, Data Protection Day, we consider the importance of protecting the privacy of personal and business information. There is no sector in the world that handles so much personal data as the healthcare industry. Not only doctors, but nurses, insurance companies, pharmacists, other professionals in health care and trusted third parties need access to personal patient files in order to provide the best care.
NewCompliance is a global company providing innovative software solutions to improve patient safety and efficiency in hospitals in Europe and the US. The applications developed for this purpose are based on, among other things, personal and medical data of patients. Not surprisingly, privacy and information security is high on their agenda.
In order to ensure that information management at home and abroad is in order, NewCompliance decided to become certified according to the international standard ISO 27001. This certification was performed in a combined process with the recertification against the Dutch standard NEN 7510 for information security in healthcare. Kiwa has helped them with this.
Information security part of patient safety
Bryan Bhoelai, RA and QA manager at NewCompliance, explains about the importance of information security for the organization and its clients. 'NewCompliance provides a platform that links and bundles information from a hospital's source systems - from patient records to data from OR equipment and building management - in clear, real-time dashboards. This avoids double registration, for example, and allows care providers to be provided with actionable information. We connect to more than thirty source systems and offer extensive analysis and reporting tools for various devices. Results in terms of quality, utilization and cost-effectiveness can thereby be influenced in a positive way. Because the data used in the healthcare sector is by definition sensitive to privacy, we are committed to dealing carefully and efficiently with the data with which we work.'
Bhoelai continues: 'Better patient safety is NewCompliance's mission and information security is, in our view, an important part of that. We work closely with external parties to secure our internal network. In general, we make extensive use of multi-factor authentication and reverse proxy to prevent third party access. In addition, we shield our software from the outside world as much as possible, for example using login accounts from a linked active directory.'
Certified by Kiwa
One of the reasons NewCompliance chose Kiwa was the wide range of certifications. Bhoelai explains: 'We used to be certified at various organisations, but we wanted all certifications to be central. And at Kiwa that was possible. Thanks to the certification process, we have created more structure in our thinking and working processes with regard to the processing of data. Information security plays a role in our company at every level, from product development to marketing. It is important that everyone is aware of his or her role in this.'
Would you like to know more about cybersecurity in the healthcare sector and Kiwa’s NEN 7510 or ISO 27001 certification? Read more in this article.