TRIMEDX has been recertified with the International Organization for Standardization’s Information Management Security certification ISO/IEC 27001:2013, a widely recognized international standard outlining best practices for information security management.
This recertification, valid through Dec 2026, reverifies that TRIMEDX meets the latest information security industry standards while maintaining and enforcing policies and procedures to promote data security.
“This reaffirms our commitment to excellence for our clients, associates, and stakeholders,” says TRIMEDX CEO Henry Hummel. “We continue our commitment to protecting healthcare providers’ confidential data, ensuring patient safety, and demonstrating operational excellence and rigor around technology and data development and control.”
ISO 27001 provides requirements to companies seeking to implement a comprehensive information security management system (ISMS) to effectively provide security of information assets, through a systematic risk management process covering people, processes, and information technology systems. Meeting the standard demonstrates TRIMEDX’s achievement of advanced safety and security management of information. TRIMEDX was recertified by third-party registrar British Standards Institution (BSI).
The ISO 27001 certification couples with TRIMEDX’s Service Organization Control (SOC) 2 Type 2 and ISO 13485:2016 certification (valid through Aug. 2024) to make up Trimedx’s Quality Management System covering MD QMS and Information Security Management System (ISMS) standards.
ISO 13485 outlines best practices in developing an effective MD QMS that covers the safety and quality of medical devices throughout their lifecycle. SOC 2 is a stringent, third-party industry standard among service organizations that handle client data and is designed to protect the safety and security of the data and its storage. Achieving this level of compliance requires a demonstrated ability to consistently monitor unusual system activity, activate security alerts in the event of a security incident, produce detailed audit trails for root cause analysis and quickly take corrective action.
“We continue to make security and safety a top priority as we serve our clients,” said Doug Folsom, president of cybersecurity and chief technology officer at TRIMEDX. “The protection of client data and information, which ultimately impacts patient safety, differentiates us in what we do to provide clinical engineering services, clinical asset management, and medical device cybersecurity solutions.”