It is Strata Health Solutions’ Information Security Policy to seek to operate to the highest standards, and implement and operate fully the ISO 27001:2013 standard, including continual improvement. Strata Health Solutions will:
Strata Health has been assessed and approved as operating to the ISO 27001:2013 standard, including requirement for annual audit. View our ISO/IEC 27001:2013 Certificate.
In the UK, the NHS has setup an Information Governance standard called the Information Governance Toolkit which is an online system which allows NHS organisations and partners to assess themselves against Department of Health Information Governance policies and standards. As part of this toolkit as a participating organization, Strata Health Solutions completes the Information Governance Statement of Compliance (IGSoC) on an annual basis.
Strata Health is fully compliant, and the status of this compliance can be reviewed at any time at the following site: Status of Compliance
TRA/PIA As part of operating a hosted solution, Strata Health Solutions is often involved in performing Security Threat Risk Assessments (TRA) and Privacy Impact Analysis (PIA) either independently with a certified third party organization or in conjunction with its clients. It is the view of Strata Health Solutions that the process of performing TRA and PIA exercises is an important part of our management model and Strata will continue to work with its clients to ensure the Firm is operating at the highest level.
To contact Strata’s privacy and security department please email firstname.lastname@example.org