The healthcare sector treats patient data with sensitivity. Agfa HealthCare is responding to this by implementing a strict policy for information security and privacy within their own organization. Belgacom provided the specific expertise to make it possible.
Agfa HealthCare develops IT-solutions for the medical world. These include applications for medical imaging, medical workflow and medical file management. In Europe, Agfa HealthCare has implementations at 1,200 hospitals and 1,000 laboratories. “The patient’s privacy is extremely important,” says Geert Claeys, Technology Manager at Agfa HealthCare. “The laws are strict, but the hospitals themselves are also demanding more and more measures to safeguard information security and their patients’ privacy.” That requires an extra effort because the medical sector is highly computerized and runs because of that the greatest risk of compromise. “It only takes a moment, say an employee who loses a USB-stick with patient data on it, for example. But at the same time, there are still quite a few hospital IT-systems that are not adequately protected.”
As a supplier for the medical world, Agfa HealthCare has to ensure that the entire organization and all the products and services they supply meet the required information security standards. “For a hospital, it is important to know that our products have built-in security mechanisms. What’s more, we are increasingly supplying services remotely, which brings us into contact with the IT systems at hospitals. There again, there need to be clear agreements.” That is why Afga HealthCare decided to launch a program for obtaining the ISO27001-certificate. “By obtaining the certificate, as an organization, you demonstrate that you meet the strictest information security standards,” explains Geert Claeys. “It’s an important signal towards our clients because it shows that clear security measures have been taken. Plus, for the same reason, the certificate will probably also bring us new clients.”
Mixed project team
In order to complement the internal expertise in relation to ISO27001, Agfa HealthCare turned to Belgacom. “In Belgacom we found a partner with experience, in other sectors as well. Belgacom provided us with the knowledge we were looking for and also supported us in developing the right guidelines.” In doing this, Agfa HealthCare chose a process oriented approach. For each process, the company devised the necessary information security policy, throughout all the different departments and countries. “For each process, we draw up a ranking of the potential risks, with associated procedures, technical and physical measures that can be taken to neutralize the security risks.”
Through the analysis, it was determined that the required measures were for the most part already present somewhere within the organization. “The most important job was to develop those measures that were missing and to then roll out the entire program throughout the whole organization.” The result is an integrated system for information management, in function of the patient’s privacy and security and the environmental standards that Agfa HealthCare is required to meet. Belgacom developed the e-learning modules for training the staff. “We now have in place a coherent policy on information security and privacy,” continues Geert Claeys. “We have developed a clear governance based on guidelines that are applied worldwide throughout the entire company.” In the next three years, Agfa HealthCare will be rolling out the solution in the different product groups. Belgacom will continue to assist the company in making this possible.
Company Profile
Agfa HealthCare is part of the Agfa-Gevaert Group. The company has a workforce of 5000, ten research centers and hundreds of sales offices. Agfa HealthCare has a turnover of 1.2 billion euros.
Business benefits
- Coherent policy for information security and privacy in the development and rollout of an Information Security Management System, based on the ISO27001-standard
- Enabler for the company’s further growth: the solution is a prerequisite for many clients from the healthcare sector and this allows Agfa HealthCare to profile and differentiate itself in the market
More info?
For more information on 360° Security Services, visit Belgacom 360° Security Services or contact your account manager.
Most Comments