Blogs
How EMIS is assuring high standards with ISO Certifications
Related Content
Everyone wants good quality software, produced by companies with the highest possible standards. For software used in the healthcare sector, this is absolutely paramount.
At EMIS [now Optum], we prove our high standards in multiple ways, including meeting standards in our contracts for clinical safety, security and NHS requirements. One key way in which we prove our high standards is through ISO auditing and certification.
The ISO (International Organisation for Standardisation) have a network of collaborating experts who have put together standards on the best way to effectively manage different aspects of business. These standards have a huge range of cover, and help to assure that we are operating to a high standard for each of the areas listed above. Some are also contractually required for EMIS Customers and National Contracts.
We dedicate significant resource to ensuring compliance to these standards, enabling transparency of our high standards of working without the need for each customer to dedicate time and resource to individually complete assessments and evaluations of our capabilities.
Different parts of EMIS currently hold and are consistently audited (internally and externally) for the following standards:
| ISO Number | ISO Standard | What does it mean? |
|---|---|---|
| ISO9001 | Quality Standard | The Quality Standard assures that we’re continuously improving products and services and provide quality to customers. |
| ISO20000 | Service Management Standard | This standard assures that we effectively deliver services through planning, implementation, operation, monitoring, reviewing, maintaining and improving. |
| ISO22301 | Business Continuity Standard | The Business Continuity standard assures that we’re sufficiently resilient against threats and prepared for incidents in such a way that disruption to customers is minimised. |
| ISO27001 | Information Security Standard | The Information Security standard assures that within EMIS, data is kept secure, and that risks are identified and managed appropriately with various security measures, such as training. |
| ISO14001 | Environmental Standard | This standard assures that we implement and continually improve ethical, environmentally friendly ways of working. |
Maintaining compliance to these standards requires dedication from across the organisation. For EMIS, this means conducting and facilitating internal and external audits, ensuring that sufficient knowledge and expertise is present and provided across key areas of the business, keeping track of continuous improvement and rectifying any challenges to conformity.
As each certificate lasts 3 years, we regularly recertify to re-assure that our standards have remained high for the above. This year, ISO22301, ISO20000 and ISO27001 are up for recertification, and during the external audits we have the opportunity to demonstrate our management systems’ continuous growth and maturity.
Maintaining and recertifying for ISO Certifications takes time and effort, but we value the opportunity to be transparent in our pursuit to meet the highest standards.
EMIS certification against these standards is a testament to the quality we provide in our products, and the high standards we strive for. They provide assurance that EMIS is utilising industry best practice so that our customers can have confidence in all we do.
More information about ISO Standards is available here.
Lucy Wilkins, Security Compliance Analyst
Lucy joined EMIS’ Security Team in November 2020 as a Security Compliance Analyst. Lucy is responsible for various areas, notably: implementing the Data Governance Process and Audits; planning and carrying out internal ISO standard audits; designing and delivering security training. She is also an employee forum rep for Group Operations and risk champion for Group Security.