M3 USA's compliance with ISO standard 27001 demonstrates to our clients that they can be confident in M3 USA's processes and their data is secure.
FORT WASHINGTON, PA (PRWEB) July 13, 2016
CASRO Institute for Research Quality (CIRQ) announced certification of M3 USA on June 28 for compliance to the ISO 27001 standard. Through scheduled technical assessments and constant collaboration among M3 IT Leaders, M3 USA continues to identify and implement leading security and privacy methodologies.
M3 USA Director of Infrastructure Technology, Jason Cortes, led the entire process with his team and M3 employees, educating everyone on best practices.
“To be successful, our clients need confidence in their partners’ security processes,”Cortes says. “They want to know we are doing whatever it takes to protect their data. While we already operated to many of the standards’ requirements, securing the ISO 27001 certification helps maintain that confidence and gives M3 a competitive advantage in the marketplace.”
ISO/IEC 27001 is an internationally recognized program that requires an organization to implement and maintain a structured information security and data governance framework. These guiding principles are designed to maintain the confidentiality, integrity, and availability of data within our information systems. Additionally, they are framed to support an evolving legal and regulatory environment for our major practice areas.
“CASRO has embraced the ISO 27001/27002 standards as a recommended option for research companies to use as a framework to develop an information security management system to protect the valuable information they collect,” commented Jennifer Ward, Managing Director of CIRQ. “Effective data security requires a comprehensive plan that includes identifying risks, educating employees and formulating processes to avoid mishandling or unauthorized access. We are pleased that M3 USA sees the value of the ISO 27001 standard framework as a practical, sound strategy toward meeting its information security goals.”
To continue compliance with ISO 27001standards, certified organizations must also promote a “continuously improving” environment. ISO demands that, over time, organizations develop better and more robust Information Security programs that evolve with IT and Regulatory landscapes.
With growing data privacy concerns, accredited certification to ISO/IEC 27001 demonstrates M3 has defined and implemented best-practice information security practices with continuous commitment from executive management.
About M3 Inc.
The M3 Inc. operates in the US, Asia, and Europe with over 3.5 million physician members globally via its physician websites such as mdlinx.com, m3.com, research.m3.com, doctors.net.uk, medigate.net and medlive.cn. M3 Inc. is a publicly traded company on the Tokyo Stock Exchange (TYO:2413) with subsidiaries in major markets including USA, UK, Japan, S. Korea, and China. M3 Inc. provides services to healthcare and the life science industry. In addition to market research, these services include medical education, ethical drug promotion, clinical development, job recruitment, and clinic appointment services. M3 has offices in Tokyo, Washington D.C., Fort Washington, PA, Oxford, London, Beijing, and Seoul.
CASRO formed CIRQ (The CASRO Institute for Research Quality) to provide assessment and certification services to research firms seeking certification to ISO 20252, ISO 26362 and now ISO 27001. CIRQ, a non-profit entity, is committed to providing timely, thorough, and impartial assessments of its customers' quality management systems or information security management systems in order to make a determination regarding certification to corresponding standards. All CIRQ auditors for ISO 20252 and 26362 have extensive experience in the research industry. All ISO 27001 auditors are certified lead auditors and have comprehensive information security credentials. CIRQ has been established in compliance with all ISO requirements for certification bodies that provide auditing and certification services. In order to conform to its mandate of objective and impartial audits to these ISO standards, CIRQ is independently operated and managed under the oversight of an Advisory Board and submits to an audit against ISO/IEC 17065 Standard for Conformity assessment Requirements for bodies certifying products, processes and services conducted by external authorities on ISO certification bodies.