Get in touch

Get in touch

  • This field is for validation purposes and should be left unchanged.

Privacy Notice

X

When you submit an enquiry via our website, we use the personal data you supply to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale. Your enquiry is stored and processed as an email which is hosted by Microsoft within the European Economic Area (EEA). We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.

Reveal Menu
Home Blog Epiphany Healthcare Becomes ISO27001 Certified in Just Eight Months

Epiphany Healthcare Data Management based in Virginia, USA supports over 950 hospitals and healthcare providers worldwide. Epiphany is dedicated to improving workflow within the healthcare industry and is currently the fastest-growing ECG management company in America. Eddie, the Information Security Manager was tasked with managing the certification to ISO27001 and chose a CertiKit toolkit to guide him and his team through the process.

Reason for certification

It was important for Epiphany to become certified for a number of reasons. “It is helping to re-enforce the trust Epiphany has gained from its global customers through a sincere and dedicated commitment to the protection of customer and patient data. As a provider of cloud-based software to healthcare organizations, we must remain vigilant when it comes to cyber-security and protection of customer and patient data.  The ISO/IEC 27001 standard has enabled us to develop a framework that focuses on remaining current with security methodologies.”

Finding the right solution

The biggest challenge was the time constraints in implementing the ISO27001 standard within the company. The team needed a solution to speed up the process, with its comprehensive guides and template documents, a CertiKit toolkit was chosen. To understand the standard in-depth, Epiphany also purchased the CertiKit ISO27001-17-18 Enhanced Gap Assessment. This includes the exact wording of the standard broken down into an interactive spreadsheet to easily monitor compliance progress. The tool includes relevant parts of the 27017 and 27018 standards created for cloud software companies.

The CertiKit toolkit was chosen because of the clear, informative writing style, ease-of-use customisable templates and unlimited email support.

The process

The toolkit significantly increased internal knowledge. The business had eight colleagues available to work on the project part-time and they spent up to 60 hours per week combined working through the compliance documents. The team gained valuable insight into how an Information Security Management System is best created and maintained. Working through the toolkit gave the team a broader perspective on reducing exposure to risks and providing insight on additional ways to protect the security of information.

Success!

From purchasing the toolkit to certification, it took Epiphany just eight months to certify to ISO27001. Eddie would recommend a CertiKit toolkit and certifying to the ISO27001 standard to other businesses. “It provided a better way for us to manage the tasks of policy building, organization of the documents, and determining additional controls to adopt.”  Congratulations to everyone involved!

More ISO27001 Resources

CertiKit is a provider of ISO toolkits, consultancy and internal auditing services, and has helped more than 4000 organizations worldwide with their compliance.

For more guidance on implementing the ISO27001:2022 standard, we’ve put together a list of our best free resources including video guides, blogs and downloadable documents.

Free ISO27001 Resources

We’ve helped more than 4000 businesses with their compliance

Testimonials

Compared to competing toolkits, your ISO27001 document structure was very good. The provided "Introduction" of each was useful (I have moved those out of the core documents and into a more comprehensive manual) for the general audience vs security staff. The inclusion of references to 27017 and 27018 were appreciated. You provided more "ISMS-C" oriented artefacts than competitors.

Trusted By Design Inc.
Canada

View all Testimonials

Cookie Control

CertiKit uses cookies to improve your user experience. Some are essential for our website to work, but for others you have a choice over which ones you’re happy for us to use.

Please set the controls below to enable or disable the types of cookies shown.

Nice to have cookies
What are these?

Advertising Cookies
What are these?

Cookie Policy