Information Security Management at ORTEC
At ORTEC we are dedicated to protecting the privacy and security of our customers by handling their data securely. Through yearly independent audits we test our information security management. At the end of 2023, the auditors approved our processes again. As a result, we are awarded the ISO 27001, NEN 7510 certificate and SOC 2 type II report, indicating that we comply with the (international) standards for information security.
The certificates are displayed and available for download below.
ISO 27001 certificate
The ISO 27001 certification guarantees that ORTEC applies comprehensive and compliant information security practices that protect sensitive information. The certification validates our information security management controls for areas such as data security, human resources and software development.
NEN 7510 certificate
NEN 7510 is a Dutch standard that describes measures that healthcare institutions must take to adequately handle patient data. Those measures ensure that information security becomes a controlled process, and relate to all forms in which client data are recorded.
SOC 2 / ISAE 3000 Type II report
International Standard on Assurance Engagements 3000 (ISAE 3000) is an internationally recognized standard on controls assurance. ISAE 3000 is part of a family of related standards, collectively referred to as ‘SOC reporting’.
SOC 2 (System and Organization Controls) is intended for use by service organizations (also known as cloud providers) to issue validated reports of internal controls over information systems to the users of those services. Auditors extensively check that we comply to a set of information security controls that we have chosen adhering to the SOC 2 Trust Service Criteria. The SOC 2 report is available on request. Please contact your ORTEC customer representative.