ISO 27001 and DPCO? What is that?
The “ISO 27001” certification is an information security standard established by the International Standards Organisation. In other words, it certifies that a certain entity (such as OneDoc) has proven that it meets the requirements set by ISO for information security. The DPCO, on the other hand, is the certification of data protection management systems according to Swiss data protection legislation.
The main focus is on data integrity and security, which is especially important when dealing with sensitive data, such as health data. This is sensitive personal data because it refers to information which, if not properly secured, could lead to breaches of the privacy of the data subjects. Therefore, special care is needed. In this sense, this data must be accessible to, and handled by, only the recipients for whom it is intended.
Both certifications thus confirm that an organisation complies with all the standards set, which include periodic examinations of data security risks, implementation of information security controls, and a management focus on these controls. Technical jargon aside, it means that an organisation meets the requirements of ISO 27001 and DPCO when it comes to securely handling data.