Security, Privacy, and Control
We know your patients, co-workers and business require the highest level of trust. Here at Collective Minds we take an end-to-end approach to data security, privacy, and control. GDPR, privacy regulations, privacy-by-design and security-by-design have been our leading stars while building out our globally available, community driven services in Clinical consultation, Education and Research.
Information Security Policy
At Collective Minds, information is fundamental to everything we do from the provision of our services, caring for our customers to efficient decision-making. We take pride in our commitment to protect all our data as part of a strategy aimed at business continuity, risk management and the continuous effort to drive a culture of information security.
Collective Minds implements an Information Security Management System (ISMS) as part of our overarching Quality Management System in order to allow us to identify and minimize the risks to which the information is exposed. Additionally, the system establishes a culture of information security, guarantees compliance with current legal and contractual requirements and other requirements presented by our customers and interested parties.
A fundamental aspect of the policy is the implementation, operation and maintenance of an ISMS based on ISO 27001 covering the scope Management and development of web applications for medical purposes.
Basic aspects of Collective Minds’ information security policy:
- Ensuring the confidentiality, integrity and availability of the information.
- Comply with all applicable legal requirements.
- Establishment of a continuity plan allowing for swift recovery from any disaster.
- Train and educate all employees on information security.
- Properly manage all incidents as they occur.
- All employees are informed of their information security duties and obligations and are responsible for fulfilling them.
- Communicate to all Collective Minds staff and anyone who works on their behalf the mandatory compliance with this Policy, including contractors and visitors to our facilities.
- There is a security officer in charge of the organization’s information security management system (ISMS).
- Continuously improve the ISMS and, therefore, the organization’s information security.
Chief Information Security Officer (CISO)