CIMAS health group has attained ZWS ISO/IEC 27001:2013 certification, becoming the first medical services provider to achieve the standard as the company goes digital.
The certification means Cimas has attained a world-class Information Security Management System that ensures the security and confidentiality of clients’ information.“Crucial in complying with ZWS ISO/IEC 27001:2013 are confidentiality, with information only being disclosed when appropriate to authorised parties, integrity, meaning that stored information is accurate, and the availability of information so that it is available when needed to help deliver services,” Cimas said in a statement.
“To become certified Cimas made improvements to its information technology structure and various other aspects of its security, including training and risk assessment, before going through the audit and certification process with the Standards Association of Zimbabwe at its head office at Borrowdale Office Park in Harare.”
Speaking at the certificate handover ceremony in Harare on Wednesday, Cimas chief operating officer, Thando Kembo said they had securitised client information.“Cimas is following international best practices to mitigate the possibility of cyber threats. We have in place cyber incident response and management processes to monitor and respond to any cyber-attacks,” she said.
“Our ZWS ISO/IEC 27001:2013 certification should reassure our members and other stakeholders that their confidential information is safe with us and that we are compliant with the international standard for ensuring the security of any information we hold related to them.”
Standards Association of Zimbabwe acting director general, Cosmus Mukoyi urged service providers to implement international standards to improve their businesses.
“The successful development and implementation of the ISMS will definitely have a more holistic and positive impact on Cimas’ clients, employees, communities, shareholders and wider stakeholders,” he said.