Medical device cybersecurity solutions provider receives SOC and ISO certifications

25 January 2021 14:09

TRIMEDX, a provider of clinical engineering, medical device cybersecurity and clinical asset management solutions to healthcare systems, has successfully achieved the Service Organization Control (SOC) 2 Type 2 certification for its solutions, as well as being awarded the International Organization for Standardization’s Information Management Security certification ISO/IEC 27001:2013.

Each certification verifies TRIMEDX’s operational policies and security controls for service delivery, technology development, and the rigor around the security of client data protecting it from internal and external threats.

TRIMEDX CEO Henry Hummel said: “With the ever-evolving threat landscape, we have a responsibility to our clients to proactively and rigorously secure the data placed in our hands. These widely recognised certifications confirm our commitment to protecting healthcare providers’ confidential data, ensuring patient safety, and demonstrating operational excellence and rigor around technology and data development and control.”

ISO 27001 provides requirements to companies seeking to implement a comprehensive information security management system (ISMS) to effectively provide security of information assets, through a systematic risk management process covering people, processes and information technology systems.

Taking the commitment to quality a step further, SOC 2 Type 2―a, third-party industry standard among service organisations that handle client data―is designed to protect the safety and security of the data and its storage. At the core of TRIMEDX’s clinical asset management solution is RSQ, a computerised maintenance management system that houses client data on over 4.4 million clinical assets. The achievement of SOC 2 Type 2 compliance showcases TRIMEDX’s visibility into client data and the associated safety and security controls in place to protect it, which has been successfully audited and proven effective by an independent third-party.

Doug Folsom, president, cybersecurity & chief technology officer, said: “This is a clear signal to our clients, the industry and regulators that TRIMEDX takes security and safety seriously and has made a significant investment and commitment in adopting ISO 27001 and SOC 2 Type 2 into our culture and how we operate as a business.”

Related

Training our way out of the cybersecurity shortfall

Congress empowers the FDA to act on cyber threats in medical devices

Ways of optimising power and security in BLE medical devices

Zener launches course to protect medical devices from cyber threats