A large number of thorough procedures were put in place to fulfil the LRQA requirements, with many employees undergoing training and fastidiously reviewing information, to gain full awareness of processes within the Centre.
Niels Peek, Professor of Health Informatics and Director of Greater Manchester Connected Health Cities, said: “We are extremely pleased to have gone through this audit and to have been granted the ISO 27001 certification. It confirms that health data can be safely shared for research through our Trusted Research Environment. This is essential to enable advanced data science with health data that is routinely collected within the NHS.”
Gaining ISO27001 has already enabled data sharing with NHS Digital and Salford Royal NHS Foundation Trust, allowing secure data analytics projects to take place. The certification cements HeRC’s best practice approach to research with data, and helps to maintain its position as a leading group in health informatics research.
ISO 27001 is the international standard for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management process.