As technology continues to advance, so do the risks that come with it. Cybersecurity is no longer just a "nice to have" for businesses, it's a necessity. HICAPS understands the importance of making cybersecurity, data privacy and IT governance a priority and first obtained ISO 27001 certification for its Digital portal in November 2019 to help protect our customers partners and communities 

What is ISO 27001?

ISO 27001 is an internationally recognised standard for information security management systems (ISMS). The certification process involves a comprehensive assessment of a company's information security management practices, policies, and procedures. This certification validates that a company has taken necessary steps to secure their data and mitigate risks. ISO27001 provides a framework for organisations to effectively manage security risks and implement appropriate technical and procedural controls.

What does it mean for HICAPS and our customers?

HICAPS is a health claims and payment solution provider that processes a vast amount of sensitive data, including personal and financial information. As such, HICAPS has a responsibility to protect this data from potential cyber threats. A security breach could have catastrophic consequences for HICAPS and our customers, including financial losses, damage to reputation, and loss of customer trust.

To mitigate these risks, HICAPS has made data security a top priority. By maintaining our ISO 27001 certification, HICAPS continues to demonstrate its commitment to implementing and maintaining a comprehensive information security management system. This includes regular risk assessments, identifying and mitigating vulnerabilities, implementing technical controls, and ongoing training for employees to maintain awareness of potential threats.

But ISO 27001 certification isn't just important for HICAPS - it's also important for customers. Customers need to know that their personal and financial information is being handled securely. By obtaining this certification, HICAPS is demonstrating to its customers that it takes data security seriously and is committed to protecting their information.

"The ISO 27001 certification is a crucial aspect of data security for companies like HICAPS. With the constant threat of cyber-attacks and changing threat landscape, it's more important than ever to implement and maintain a comprehensive information security management system. We continue to make Cyber security a top priority for our customers’ peace of mind, and when you deal with us you know your data is secure" says Steven Taub, HICAPS CISO (Chief Information Security Officer).

Certification means we have robust systems, technical controls, procedures and monitoring in place to protect the data that we process and store, so our customers and partners can have a very high degree of confidence in the security of our technical services and how we handle their data.

HICAPS is a subsidiary of NAB and as such leverages NAB information risk framework and security controls where appropriate for our Digital portal, for example, pen testing and vulnerability scanning

HICAPS ISO Certificate of Registraion 
HICAPS Use of Certificates and Certification and Accreditation Mark