BestDoc Achieves ISO 27001:2013 Certification for Information Security Management

BestDoc, India’s fastest growing B2B HealthTech player, announced today that it has achieved ISO/IEC 27001:2013 certification, reinforcing its commitment to information security and confidentiality of client data. 

BestDoc chose ISO 27001, among the several ISO standards, as it specifically relates to information security. The certification followed an extensive audit process by TÜV Rheinland, a global leader in independent inspection services. Among the various ISO certification boards, TÜV Rheinland has a special reputation in compliance testing and certification. 

Getting an ISO 27001 certification involves looking into three key aspects: People, processes and technology. The audit process involved reviewing the day to day activities within each function in BestDoc, and identifying areas for improvement in information security. 

Fayaz Bin Abdu, Co Founder and CTO, BestDoc, says, “We rigorously went through each process multiple times and started fine tuning it based on the audit findings at each stage. Other companies complete the audit in 3 to 6 months, but we took 8 months to ensure we were not doing it simply for the sake of getting the ISO certification. We wanted the improved processes to be embedded in our workflows.”

In addition to achieving information security, the audit process also helped BestDoc become more process-driven and less people-driven. Fayaz adds, “We used to be sensitive about handling data even before the ISO certification. The major improvements were on the data management and DevOps aspects, with the processes becoming people independent. Our documentation is now much more structured, which gives me a lot of peace of mind.”

BestDoc will be audited every year as part of the certification process to ensure the processes are maintained as per the standards laid out by the certification body. The audits will also involve checking newer scenarios and business cases and whether these are also compliant with the requirements. 

BestDoc’s solutions are used by 200+ healthcare providers, including leading brands like Aster DM, Apollo Hospitals, and Narayana Health. The company’s solutions are simple to integrate with HISs with a proven track record of multiple successful integrations with leading HIS players.