International accreditation for eHealth NSW
In December 2014, eHealth NSW was certified by SAI Global for compliance with the ISO/IEC 27001:2013 Information Security Management System Standard. This is an international standard that provides the basis for effective management of information security systems.
The certification enables organisations to demonstrate excellence and prove best practice in information security management by helping to establish, implement, maintain and continuously improve an Information Security Management System (ISMS).
The ISMS is overseen by a Steering Committee composed of senior managers from each division of Information Services. An ISMS Working Group largely composed of the Security Management group is responsible for operating the ISMS on a day-to-day basis.
"The certification is an excellent achievement by all teams involved and I would like to congratulate them for all their efforts in attaining this internationally recognised accreditation," said Simon Geraghty, Chief Technology Officer, and chair of the ISMS Steering Committee.
Compliance with the standard requires commitment to continually improve control of confidential and sensitive information, providing reassurance to sponsors, shareholders and customers alike.
"We should all be proud that we have maintained the certification for a second year and transitioned to the latest version of the standard (2013) which includes the most up to date and recent developments based on international standards for Information Security Management," said Kavesh Moodley, Group Manager, Security.
The certification also supports compliance with the requirements set out in the NSW Government – Digital Information Security Policy released under the Premier's Memorandum M2012-15.