Recently, news broke that a major hospital chain based in New Jersey was hit by a cyber-attack. The attack was so bad that they had to divert patients to other hospitals, and all surgeries were stopped as they were unable to use their systems. This is very serious as the attack not only exposes their documents, records, and HIPAA data; these facilities are also at a standstill, unable to operate, losing tens of thousands of dollars an hour. This same network was hit by another cyber attack only a few years ago, and they decided to pay their attackers to regain access to their systems. It looks like they did not improve their security, and now face a similar decision on whether to pay. This underscores the risk that all healthcare facilities face with regard to their technology and data. More must be done to protect networks from a cyber attacks and at Case Medical, we have done just that. We have built CaseTrak360 following rigorous ISO 27001 standards and are now moving to apply those standards to the rest of our company.

It is the world’s best known standard for information security management systems. It sets requirements and provides guidelines for implementing, maintaining, and continuously improving an information security management system. Meeting the requirements of the standard means that an organization has put in place a system to manage the risks related to the security of its data, and that the system respects all the best practices and principles of the standard. ISO 27001 promotes a holistic approach to information security, vetting people, policies, and technology. Software and IT systems that conform to this standard have superior risk management, cyber-resilience, and operational excellence.

New risks and cybercrimes are constantly emerging and are increasing with severity. Medical facilities are being attacked by ransomware, financial institutions are having client information stolen, individuals are falling victim to internet scams, and much more. ISO 27001 starts by having an organization map out all of its risks with respect to its data and then sets standards that must be followed to mitigate those risks. Policies are implemented for secure software development, network access, data storage, transactions; basically anything relating to IT systems, networking, and data to ensure it is protected. So, if an organization is exposed to risk/cybercrimes, the organization’s data and systems will be resilient and safe. Anyone doing business with an ISO 27001 certified organization can trust that their data is protected and that the organization’s systems are strong and reliable.

Since 2016, CaseTrak360 has been ISO 27001 certified. This means that since that time, all development has been secure, all servers are safe/resilient, and all data is protected. This translates into CaseTrak360 being an incredibly tough and reliable program that is virtually immune to cyber security risks. CaseTrak360 will not be taken out by ransomware, and there is no feasible way that a hacker could extract data from it. Users of CaseTrak360 can be confident that when they need to use the software, it will work, regardless of the conditions of their own local network. Given that CaseTrak360 is a medical application, this reliability is extremely important; especially given the increased cyber-attacks on medical facilities. Furthermore, CaseTrak360 is audited annually by a third-party auditor, to ensure that it is maintaining the rigorous requirements of the ISO 27001 standard.

Case Medical, the company behind CaseTrak360, is making the transition to the ISO 27001 standard. This means that the requirements of the standard will apply to every facet of the business, and not just to CaseTrak360. This makes sense given that Case Medical manages data relating to the products we manufacture, our employees, accounting, our customers, and other critical data that must be protected. Applying ISO 27001 to the entire company means that all of this data will be safe, as all risks associated with it will be analyzed and procedures will be crafted according to the standard to defend it. Customers of Case Medical can be confident that they are transacting with a company that is meeting the highest standards for data security and their data is at minimal risk. In our modern era of high cybercrime and risk, it is a necessity to follow standards like ISO 27001 to keep data protected and resilient.