
DiGA
May 11, 2022 — 4 minutes of reading time
A few weeks ago, Mindable Health received the DIN EN ISO/IEC 27001:2017 (ISO 27001) certification. But what exactly does this mean for our company and the users of our app? In this article, you will learn what ISO certification is and why it is of great value, particularly for digital and future-oriented companies.
ISO stands for International Standardisation Organization. As the name suggests, this organization develops standardized norms. Norms are rules, guidelines, or characteristics for technical circumstances and various procedures. It might sound complicated at first, but these norms actually simplify our everyday lives. The best-known norm is EN ISO 216, also known as DIN 476, which defines the paper format of a DIN A4 sheet. Norms ensure, for example, that no matter which manufacturer you buy a lightbulb from, it fits your socket, that all screws of a type look the same, or that your USB stick fits into any computer.
In our case, we’re talking about norms for various management systems in companies. There isn’t just one norm but an entire rulebook with many norms. If a company meets a norm, it can get certified. There are numerous certificates covering different areas. In the next section, we’ll delve into the ISO 27001:2017 certification, which Mindable has obtained.
The ISO 27001 certification covers 114 objectives in the field of information security, which are defined, measured, and tested through rules and guidelines. The focus is on protecting the data processed within a company, including user information, employee information, and health information. The certification guarantees that every piece of information is protected according to its level of confidentiality.
What does the full name of the norm mean?
DIN EN ISO/IEC 27001:2017 is the complete name of the norm Mindable Health is certified under. ISO norms are developed by the ISO standards institute, while IEC norms are developed by the International Electrotechnical Commission (IEC). EN norms are usually ISO or IEC norms harmonized by the European Commission. DIN stands for the German Institute for Standardization, which created a German version in 2017. Clearly, many people are involved in the creation of a norm.
Mindable Health is a technology-based company, and like many others, we rely on selected IT systems. Vulnerabilities can lead to data loss, disclosure, or manipulation in the worst-case scenario. Because our company handles sensitive health data from app users, information security is a top priority for us.
By implementing an international management system that is audited and certified by an accredited testing and certification body, we protect all data from the risks and threats of the digital age. This ensures that all data in the app truly belongs only to the user! Additionally, information security is continuously reviewed and improved with the help of external auditors.
Here are the key benefits of ISO 27001 certification at a glance:
At Mindable, the confidentiality and integrity of user data are particularly important. To ensure this protection, we regularly take various measures. These include internal reviews of the Information Security Management System (ISMS), regular risk assessments, evaluation of identified vulnerabilities, checks on implemented measures, and continuous training for management and staff. Additionally, we are constantly working to improve our system to ensure not only current but also future data security.
ISO itself does not issue certificates. These are issued by certification bodies. Certification bodies are thoroughly vetted to ensure they also meet certain ISO norms. It is crucial that these bodies have expertise, independence, and neutrality. Once all requirements are met, they can audit, assess, and ultimately certify companies.
Norms and standards aren’t always as visible as a sheet of paper or a lightbulb socket. An ISO certificate gives you a way to immediately identify companies that adhere to international standards in IT systems and have been externally assessed. Applying for an ISO certificate is not mandatory. We took this extra step to guarantee that your data and information are truly secure with us.