Compliance is a recurring theme for organisations that need to protect their information. Compliance consists of adhering to laws, regulations and standards.
What is compliance?
Compliance means that an organisation is acting in accordance with the relevant laws and regulations. The term compliance also applies to such fields as finance, quality control and privacy. For digital security, there are various guidelines and certificates that are important for organisations. These have been compiled to force organisations to maintain a high level of protection. Compliance is an important topic for organisations that work with sensitive information.
The GDPR for privacy
The GDPR is a European regulation for organisations that process the personal data of European citizens. This regulation protects and regulates the use of personal data. GDPR stands for General Data Protection Regulation. This law gives organisations the responsibility to take demonstrably effective measures to safely process and store personal data.
European privacy supervisory bodies have the authority to impose hefty penalties if you fail to comply. KeyHub's Auditors Dashboard helps with this compliance and in creating openness.
ISO 27001 and information security
ISO 27001 is the most popular standard for information security worldwide. The standard describes how you must handle and process information. The purpose of the standard is to ensure the confidentiality, availability and integrity of the information within an organisation. The GDPR has tightened the rules in regard to the collection and storage of information and this has made the ISO 27001 standard even more important.
The regulation is intended to protect personal data and company information. With Topicus KeyHub, you can clearly show you are in control of your Identity and Access Management and expedite external audits. This makes it much more convenient and saves time.
Other guidelines for information security
KeyHub also helps with compliance with other guidelines:
A set of criteria that gives potential clients insight into the quality of the IT services that organisations provide to their users. The process is based on the 5 "trust service principles" for managing client information.
- ISAE 3402
International Standard for Assurance Engagements (ISAE) is an international guideline that evaluates suppliers and internal processes to be outsourced on quality and security. The guideline is intended for organisations that outsource parts of their organisation to service providers.
- NEN 7510
NEN 7510 is a derivative of the ISO 27001 standard that was created specifically for information security within healthcare. Healthcare has its own standard because separate rules apply to the storage and use of digital patient data.
The security certificates you possess are periodically tested by an external party. Your organisation must be able to demonstrate that you are in compliance with the current rules and regulations by being open to audits and providing information.
With KeyHub, you show that you have control over your Identity and Access Management. It is important to show that you are in compliance with all the rules, regulations and standards.