Compliance in information security

Pharmacy.jpg

Boots needed to put in place a complete information security framework that was compliant with the Code of Conduct for Information Security – The Healthcare and Care Services Sector.

Itera helped set up a complete information security framework that was adapted to the customer's industry, structure and systems. The framework makes processes available to employees at any time. The framework is compliant with the Code of Conduct for Information Security – The Healthcare and Care Services Sector, as well as with ISO 27001.

Itera carried out a risk assessment at Boots, and delivered a risk report that contained a prioritised action list that detailed actions to be implemented as well as who was responsible for each individual action.

Through the collaboration with Itera, Boots has greater knowledge of information security internally and has processes in place that assist with risk assessment and compliance with the Code of Conduct for Information Security, which is essential given the nature of its business. Boots now complies with the legal obligations applicable to its business. The framework covers the security requirements imposed by the Personal Data Regulations and the Personal Health Data Filing System Act.