Information Security General Policy

NEAT GROUP, aware of the importance and sensitivity of the information handled in its professional services of Installation, Maintenance and Support of Information Systems for the Healthcare sector, has decided to implement an Information Security Management System (ISMS) based on the requirements of the ISO 27001 standard, in order to show its implication and commitment regarding Information Security.
 
The General Management of NEAT GROUP has approved this policy in order to create a framework of action that allows:
 
  • Ensuring an optimum level of Information Security managed by NEAT GROUP, in order to obtain the full trust of users of social and health services.
  • Preserving the availability, integrity and confidentiality of the information handled, complying with the needs and expectations of the stakeholders included in the scope of the ISMS
  • Ensuring compliance with current legislation and applicable regulations regarding information security contained in the scope of the ISMS, as well as other contractual requirements.
  • Aligning this Security Policy with the rest of the organization's policies.
  • Protecting the information managed by the ISMS against any misuse, prevent possible security incidents and reduce the potential impact of these ones.
  • Ensuring the capacity to respond to emergencies by establishing Continuity and Availability Plans.
  • Defining a management system that allows continuous improvement of information security in all processes involved in the defined scope for such a system.
For this purpose, a management and risk treatment methodology has been defined and approved which:
 
  • Identifies the assets of the ISMS and their value from a security point of view.
  • Identifies potential threats to these assets and assess their level of risk.
  • Establishes a risk management plan and safety controls to reduce the levels of identified risks to an acceptable level.
  • Monitors and annually reviews the state of the system and the adequacy of the risk analysis carried out.

 

Our certifications

Since our founding, we have been regularly tested. At NEAT, the following certifications come as standard:

Grupo Neat

  • ISO 9001:2015
  • ISO 14001: 2015
  • ISO 27001: 2013

Neat Electronics AB

  • ISO 9001:2008
  • ISO 14001:2004

TeleMedCare

  • ISO 13485:2012