Towards information security certification

11 May 2023

Information security protects our users and our business

Laura Pomstra, ISO27001 implementation assistant

Information security is of paramount importance to smartQare. We want to be sure that all data within our company cannot fall into the wrong hands. Laura Pomstra, together with our security officer, is now working on obtaining NEN7510 and ISO27001 certification for information security in healthcare.

"I obtained the bachelor's degree in Computer Science & Engineering and am now working on the master's degree in Information Security Technology. I learnt a lot during my studies and now I want to gain some practical experience in addition. So when I saw a vacancy at TU/e's secondment agency for a part-time job at smartQare, I responded immediately. Since March, I have been involved in the certification for ISO27001 and NEN7510, which is the globally recognised standard for information security in healthcare. It is a big responsibility but fortunately I am well supported by the team."

Closed doors

"We want to get the certificates to show users that we have our data protection in order. Every office is vulnerable to unwanted visitors, both physical and digital. For good physical information security, for example, it is important that doors are closed and laptops are not left open. Digitally, we also want to be sure that no malware can be placed in our system and that no one can access our company data. It has never happened before, but we need to have protocols in place when an incident occurs. We are now mapping all this out."

Audit in September

"Securing information is essential not only for the users of viQtor, but also for the healthcare professionals who will be working with our solution. The certification will soon give our customers the assurance that our system is secure. We expect the audit in September so we still have a few months to connect the dots and I am confident that it will succeed."

Fresh knowledge

"The fact that I can already work at smartQare as a student is pretty cool. There are few companies that offer students such a side job, without it being an immediate graduation project. It's nice to notice that the company is open to fresh knowledge from the uni. And we learn from each other. For example, I have already been able to apply what I learned during a college risk assessment, colleagues were very happy with that. I mainly work together with QA/RA manager Souraya Verhaegen, but can also go to Henk Stapert and Frank Boon with questions. I get a lot of responsibility and they leave me free in how I do my work. I really like that."

Naughty

"I do have the ambition to be a Security Officer at a small company like smartQare. This work really suits me. And I would still like to go further, for example in penetration testing. You then start thinking about how hackers could get into your system. I like that 'hacker mindset'. Everything is done in steps. It might be a bit naughty but ultimately it protects your company and the users of viQtor."