New ISO 27701 certificate proves: TMC is on top of the GDPR requirements
TMC cares about data protection and privacy. Especially nowadays, with the rise of cyber-attacks, data breaches, and the legal requirements to meet legislation, this topic cannot be left behind. Since the implementation of the General Data Protection Regulation (GDPR) in 2018, a lot has happened. As TMC wants to make sure personal data is protected and privacy information is managed most adequately (especially considering that we process patient data) we are proud to announce that we got the ISO 27701 certificate in March 2021. TMC is the first company in Unilabs to be certified in this ISO and hopes to be only the first great example but not the last.
The ISO 27701 standard will help us to stay on top of privacy within the organisation. This new ISO specifies the requirements and guides establishing, implementing, maintaining, and continually improving a PIMS (privacy information management system). It demonstrates compliance with our contractual and regulatory obligations and improves internal competence and processes to avoid breaches. Furthermore, this ISO will help us improve customer and business partner confidence.
The implementation of the standard was managed by the ISMS (Information Security Management system) manager Javier Castillo, and the Data Protection Coordinator Ida Anderman. Rosie Nunn, The Quality Manager, is responsible for the continuous review and audits of the ISO. While it is great news that we achieved this ISO, it was not a surprise as we have a well-implemented ISMS system in place (ISO 27001) since 2011 and excellent GDPR policies and procedures, which were rolled out by our Unilabs DPO Miroslava Greštiaková.
As TMC wants to make sure personal data is protected, the implementation of the ISO 27701 is a great milestone to assure individuals (patients and others) that their data is duly protected.