x-tention helped university hospital Klinikum Hanau implement an information security management system (ISMS), drawing on technical expertise and wide-ranging experience to provide support throughout the process. In addition, x-tention has taken on the role of external chief information security officer (CISO) since the ISMS went live.
Challenges:
To fulfil new legal requirements and guarantee patients the highest possible level of data protection in both dayto-day hospital operations and acute situations, x-tention was commissioned to implement an ISMS. The system will guarantee that patient treatment is compliant with statutory requirements at all times, as well as optimizing existing processes.
Solution:
To set up the ISMS as efficiently as possible, Klinikum Hanau opted for the ISMS complete template package plus x-tention’s support as an external CISO. Our ISMS template package, which covers all sector-specific security requirements from the German Hospital Federation’s industry-specific security standards, B3S, combined with our many years of hands-on experience in the healthcare sector, ensured that the ISMS was set up quickly and easily. The result is an ISMS that not only fulfils statutory requirements but is also tailored to the particular needs of Klinikum Hanau. At the same time, the level of information security and employees’ security awareness increased. This was confirmed by the great result received from an audit that verified the hospital’s compliance with Section 8a BIS Act.
University Hospital Jena
Location:
Hanau, Germany
Branch:
Healthcare
‘x-tention’s fast and flexible support allowed us to continue our everyday work while rapidly setting up an ISMS that can be perfectly integrated into day-to-day hospital operations. The x-tention templates with suggested content laid the groundwork for this. They not only considerably accelerated the documentation of our own processes, but also inspired ideas for revising and improving them. Our decision to work with x-tention on setting up our ISMS and to engage them as an external CISO has been validated by the positive result of the Section 8a BSI Act audit.’
Hüseyin Gökceoglu
Head of IT
Benefits
You receive an ISMS template package that...
- contains B3S requirements;
- is based on tried and tested workflows from real-life healthcare scenarios;
- has already been implemented, monitored and audited many times in the healthcare sector.
Implementing an ISMS using our ISMS template package allows you to...
- be perfectly prepared for an audit as stipulated by Section 8a BSI Act;
- systematically document and optimize your internal processes and develop them to a suitable level of maturity;
- reduce the liability risk for management in the long term.
How you benefit from working with x-tention:
- From real life – for real life: Our ISMS contains data based on experience from nearly 10 years of certified ISMS operations
- Boilerplate texts and content are pre-formulated and have extensive commentary
- Guidance from experts with in-depth knowledge of the health and social care system
- You save considerable time and effort when setting up your ISMS
- This is an excellent basis for ISO/IEC 27001 certification and successful verification in accordance with Section 8a BSI Act
- No special software is required – you only need Microsoft Office
