ConsentWise (Digital Consent Limited), a provider of medical consent automation software solutions to the UK healthcare industry, has been awarded ISO 9001:2015 and ISO 27001 certification. This certification reflects our commitment to quality management and securing our data on behalf of customers and their patients.
ISO 9001 gives us the strategic tools we need to build our reputation for safe, reliable and trustworthy products and services. Implementing a quality management system was deemed the best way to enhance patient safety and provide patient-centered care.
ISO 27001 certification gives our customers the confidence that ConsentWise has the necessary controls in place to protect sensitive personally identifiable information (PII). Certification helps us to implement systems and policies that prioritise the security of the data we hold, minimising the risk of data breaches.
To achieve this certification, the British Assessment Bureau audited ConsentWise on quality, processes and security compliance. During this process, ConsentWise demonstrated an ongoing systematic approach to managing and protecting company and customer data. The audit process for ISO 9001 covered areas such as business continuity, process management, leadership commitment, engagement of people, change and improvement, evidence-based decision making and relationship management. The audit process for ISO 27001 covered risk management procedures, threat mitigation, loss prevention, access control, physical security, and wider security practices.
On achieving this certification, Robin Balmforth (Co-founder) said:
“We are building a business based on sound principles and have focussed on early adoption of these internationally recognised standards to allow for engagement with new markets as we grow the business. By achieving the highest level of UKAS accredited (government-backed) ISO 9001 and 27001 certification we are demonstrating our commitment to customers, delivery of a quality solution and mitigating security risks to keep our customer’s data protected. Annual re-certification will ensure these measures become embedded in our business practices”.