Recognising The Importance Of Information Security, UK

Main Category: IT / Internet / E-mail
Article Date: 22 Apr 2008 - 4:00 PDT

email to a friend   printer friendly   view / write opinions   rate article

The General Medical Council (GMC) continues to be recognised for its information security procedures.

BSI Management Systems have undertaken an audit of security controls that the GMC has in place, and have extended the areas of the GMC that are covered by the ISO 27001 certificate.
The ISO 27001 standard is widely considered to be the most comprehensive set of security best practice controls available.

Neil Roberts, Director of Registration and Resources for the GMC, commented:

"Recent media events have highlighted the need for clear security controls to be in place. We are delighted to receive this award as recognition of our on-going commitment to information security.

"The GMC is responsible for holding and maintaining sensitive information about all doctors registered in the UK, as well as information relating to patients and the public. We have a duty to ensure that this information is handled appropriately to minimise any risk of a security breach. The award of the BSI certificate demonstrates that our systems and procedures meet a benchmark standard which is respected worldwide."

The ISO 27001 security standard involves an audit of the many ways information is handled within an organisation. This involves checking information is accurate, ensuring that confidentiality is maintained and that information is available when it is needed.

Compliance with this standard provides assurance that the GMC is using best practice in handling information safely and securely. Achieving the standard is not a one-off event but involves ongoing assessment and review, and undertaking corrective action where necessary to ensure the effectiveness of procedures.

Rob Wallis, UK Managing Director of BSI Management Systems, said:

"We congratulate the GMC in becoming one of a growing number of organisations worldwide who have been successful in achieving this standard across multiple areas of their business. These include some of the world's foremost IT, telecoms, finance and governmental organisations."

The GMC has now been certified to ISO 27001 standards in the following areas:

- Registration
- Strategy and Planning
- Fitness to Practise.

The GMC will now be rolling out the standard to the remainder of the organisation during 2008.

The General Medical Council licenses doctors to practise medicine in the UK. Our purpose is summed up in the phrase:

Regulating doctors
Ensuring good medical practice.

The law gives us four main functions:

- keeping up-to-date registers of qualified doctors
- fostering good medical practice
- promoting high standards of medical education
- dealing firmly and fairly with doctors whose fitness to practise is in doubt

BSI is a Royal Charter organisation and the world's oldest National Standards Body. Today BSI is made up of 4 groups: British Standards, Management Systems, Product Services, and Business Information, with services aimed at advancing industry and business in over 100 countries worldwide. BSI Management Systems is one of the world's largest registration bodies, with over 44,000 clients around the world. We provide certification to clients for industry recognised standards, including ISO 9001:2000 (Quality), ISO 14001 (Environmental Management), OHSAS 18001 (Occupational Health and Safety), ISO/IEC 27001 (previously BS 7799 for Information Security), ISO/IEC 20000 (previously BS 15000 for IT Service

General Medical Council