BigHand has identified the need to protect the confidentiality, integrity and availability of important information assets and to ensure that the facilities provided by the organisation are secure and available for business operation. BigHand works with a number of customers and processes and stores data on their behalf, some of which is highly sensitive personal, legal or medical information. The loss, breach, improper processing or unavailability of this information could have very serious repercussions for BigHand and its customers.
BigHand aims to be recognised as an organisation adhering to the highest level of Information Security best practice and has implemented a formal Information Security Management System (ISMS). The ISMS is formally managed, controlled, independently audited and certified to ISO 27001 and Cyber Essentials Plus.
BigHand is GDPR compliant (registered with ICO), HIPAA compliant, DCB0129 compliant (NHS Clinical Risk Management), and meets the requirements of the DSP Toolkit.
The scope of the BigHand ISMS states: “The Information Security Management System covers the Development, Provision, Support and (for SaaS client offerings) Maintenance of BigHand’s software range.”
The objectives of the BigHand ISMS are defined as below:
If you require any further information regarding BigHand’s ISMS, please contact [email protected].