Get in touch

Get in touch

  • This field is for validation purposes and should be left unchanged.

Privacy Notice


When you request to download our free implementation guide, we use your name, company name (which is optional) and your email address to email you a link to download the requested document. We may also email you after your download in order to follow up on your interest in our products and services. We will do this based on our legitimate interest in marketing to prospects for our products and services. Your name and email address are stored on our website which is hosted with Digital Ocean. Your personal data is stored for one year after you requested your download, after which it is deleted.

Reveal Menu

Epiphany Healthcare Data Management based in Virginia, USA supports over 950 hospitals and healthcare providers worldwide. Epiphany is dedicated to improving workflow within the healthcare industry and is currently the fastest-growing ECG management company in America. Eddie, the Information Security Manager was tasked with managing the certification to ISO27001 and chose a CertiKit toolkit to guide him and his team through the process.

Reason for certification

It was important for Epiphany to become certified for a number of reasons. “It is helping to re-enforce the trust Epiphany has gained from its global customers through a sincere and dedicated commitment to the protection of customer and patient data. As a provider of cloud-based software to healthcare organizations, we must remain vigilant when it comes to cyber-security and protection of customer and patient data.  The ISO/IEC 27001 standard has enabled us to develop a framework that focuses on remaining current with security methodologies.”

Finding the right solution

The biggest challenge was the time constraints in implementing the ISO27001 standard within the company. The team needed a solution to speed up the process, with its comprehensive guides and template documents, a CertiKit toolkit was chosen. To understand the standard in-depth, Epiphany also purchased the CertiKit ISO27001-17-18 Enhanced Gap Assessment. This includes the exact wording of the standard broken down into an interactive spreadsheet to easily monitor compliance progress. The tool includes relevant parts of the 27017 and 27018 standards created for cloud software companies.

The CertiKit toolkit was chosen because of the clear, informative writing style, ease-of-use customisable templates and unlimited email support.

The process

The toolkit significantly increased internal knowledge. The business had eight colleagues available to work on the project part-time and they spent up to 60 hours per week combined working through the compliance documents. The team gained valuable insight into how an Information Security Management System is best created and maintained. Working through the toolkit gave the team a broader perspective on reducing exposure to risks and providing insight on additional ways to protect the security of information.


From purchasing the toolkit to certification, it took Epiphany just eight months to certify to ISO27001. Eddie would recommend a CertiKit toolkit and certifying to the ISO27001 standard to other businesses. “It provided a better way for us to manage the tasks of policy building, organization of the documents, and determining additional controls to adopt.”  Congratulations to everyone involved!

Over 3000 businesses have purchased our toolkits


The toolkit is well laid out, clearly written and easy to adapt. I like the fact that it is compliant to the standard as a start point. This is difficult to achieve considering the diversity of organisations it is covering.


View all Testimonials