MyPulse is now ISO 27001 and ISO 9001 certified! Achieving these accreditations demonstrates our commitment to information security and quality management. It also provides assurance to our customers, partners, and investors that we are operating to internationally recognised standards.
What is ISO 9001 and ISO 27001?
If you don’t know, ISO 9001 is a quality management standard. It helps organisations put in place clear, repeatable processes to maintain a quality service to their customers. Compliance with this standard improves operational efficiencies, engages staff and drives continuous improvement.
The ISO 27001 standard is best known for information security management systems. It addresses IT security, cyber security and privacy protection. This standard is crucial for organisations in the healthcare industry to keep their business safe and resilient.
While addressing different aspects of the business operations, both ISO certifications complement each other. They ensure that our business model reflects the company’s interest in recognising and managing risks associated with exploring new opportunities.
How did we get certified?
The whole accreditation procedure took under a year. First, our investors and the executive team endorsed the process. Then we had the buy-in from the wider team who were in charge of the processes and the controls associated with them.
We underwent a two-stage audit by an external certification audit body to assess how we operate and suggest improvements. They reviewed our policies and procedures and the results were gratifying and fulfilling. We breezed through four auditor meetings and gained our certifications.
We got some great feedback from our auditors who were overwhelmed by the amount of documentation, control and comprehensive processes that we have in place. They were also fascinated by the evidence of how well we operate our management systems.
For a small business, our biggest challenge was making sure we did not disturb our agile approach to development.
As a health tech company we are constantly testing and releasing new features. So we used Test Driven Development and pair programming to ensure the high quality of our code. This is why it was important not to disrupt our fast-paced agile approach to development while also ensuring our tech is safe.
What does it mean to be certified?
Being ISO 27001 and 9001 compliant means MyPulse is operating in a safe and secure manner. It provides reassurance over our practices for cyber security and information security. As a result we have clear evidence to show our customers, partners and stakeholders that we have taken steps to protect our data.
Adhering to these standards provides assurance to our staff. Knowing we are operating according to good processes provides a sense of integrity and trustworthiness in our products. Ultimately, it also makes us a more resilient business. We have proven we can identify our vulnerabilities and make improvements while making MyPulse a more robust company.
Achieving these certifications is a testament to the hard work and dedication of our team, and we are proud to be recognised for our best practices in protecting sensitive information and delivering high-quality products and services. – Arafat Sadiq, Co-Managing Director and Chief Technology Officer of MyPulse.
Why is it good for our clients?
Simply put, it means our clients’ data is safe with us. MyPulse adheres to strict rules and processes, and we understand and manage risk, giving our clients peace of mind about the safety of their data. We have proven we know how to prioritise what’s important, we are focused and can achieve results. We embrace good habits and good vulnerability management linked to good security.
How are we maintaining compliance after the certification?
At MyPulse, adhering to these ISO standards is of the highest importance. This is why we have scheduled internal audits and regular policy reviews to ensure we remain compliant.
As part of our business processes we will continually review our management systems. Every time we implement new processes or modify any of the existing ones, we will evaluate these against the ISO requirements.