Renewed certificates
In today's interconnected digital world, the importance of verified proof for information security cannot be emphasized enough. Our customers entrust us with their sensitive data, and it's imperative that we demonstrate our ability to handle it securely. Annual independent audits serve as a test for our information security protocols, providing assurance to our customers and stakeholders that their data is in safe hands.
At the end of 2024, a new external audit took place at our offices, and we are pleased to share that the auditors approved our information security processes again and therefore reaffirmed our certificates, including ISO 27001 – the world’s best-known standard for information security management systems – and NEN 7510. The certificates can be found below.
ISO 27001
The ISO 27001 certificate guarantees that ORTEC applies comprehensive and compliant information security practices that protect sensitive information. The certification validates our information security management controls for various areas such as data security, human resources, and software development. Our renewed certificate is based on ISO27001:2022, the latest version of the standard. The transition to this version consists of additional controls tailored to the modern threat landscape, places greater emphasis on a risk-based approach, and underscores the importance of management commitment.
NEN 7510
The NEN 7510 is a Dutch standard that describes measures that healthcare institutions must take to adequately handle patient data. Those measures ensure that information security becomes a controlled process and relate to all forms in which client data are recorded.
SOC 2
SOC 2 (System and Organization Controls) is intended for use by service organizations (also known as cloud providers) to issue validated reports of internal controls over information systems to the users of those services. Auditors extensively check that we comply to a set of information security controls that we have chosen adhering to the SOC 2 Trust Service Criteria. The SOC 2 report is available on request. Please contact your ORTEC customer representative.
Continuous improvement
The certificates are valid for three years, though ORTEC will be vetted yearly by an external auditor to ensure continuous improvement.
