Information security as part of patient safety

NewCompliance provides innovative software solutions to improve patient safety and efficiency in dozens of hospitals in Europe and the US. The applications developed for this purpose by the company in The Hague are based on, among other things, personal and medical data of patients. Not surprisingly, privacy and information security is high on the agenda at NewCompliance. As part of this, NewCompliance recently re-certified itself for the NEN 7510 via Kiwa and was awarded the ISO 27001 certificate. Bryan Bhoelai, RA and QA manager at NewCompliance, tells more about it.

NewCompliance provides a platform that links and bundles information from a hospital's source systems - from patient records to data from OR equipment and building management - in clear, real-time dashboards. This avoids double registration, for example, and allows care providers to be provided with actionable information,' says Bryan Bhoelai. We connect to more than thirty source systems and offer extensive analysis and reporting tools for various devices. Results in terms of quality, utilization and cost-effectiveness can thereby be influenced in a positive way'.

Careful and effective

Because the data used in the healthcare sector is by definition sensitive to privacy, NewCompliance is committed to dealing carefully and efficiently with the data with which the company works. We work closely with external parties to secure our internal network. In general, we make extensive use of multi-factor authentication and reverse proxy to prevent third party access. In addition, we shield our software from the outside world as much as possible, for example using login accounts from a linked active directory'.

Information management in order

In order to ensure that information management at home and abroad is in order, NewCompliance decided to go for certification against the international standard ISO 27001. This was done in a combined process with the recertification against the Dutch standard NEN 7510 for information security in healthcare. Information is an important commodity in the healthcare sector. It is even more important to secure and protect that data. Better patient safety is NewCompliance's mission and information security is, in our view, an important part of that'.

Structure

One of the reasons NewCompliance chose Kiwa was the wide range of certifications. ‘We used to be certified at various organisations, but we wanted all certifications to be central. And at Kiwa that was possible. Thanks to the certification process, we have created more structure in our thinking and working processes with regard to the processing of data. Information security plays a role in our company at every level, from product development to marketing. It is important that everyone is aware of his or her role in this'.

Want to know more?

For more information about the NEN 7510 and the ISO 27001 please visit our theme page on information security and cyber security.