Smile Digital Health Gets ISO 27017 Certified

Smile once again shows its dedication to true interoperability, which relies on safe data sharing via the cloud, with new ISO certification.
Smile Digital Health

Smile Digital Health (Smile), a leading Fast Healthcare Interoperability Resources (FHIR®) health data platform and exchange solutions provider, announced today their ISO 27017:2015 certification.

ISO 27017:2015 is an international standard providing guidelines and best practices for information security controls applicable to the provisioning and use of cloud services. It supplements ISO 27002:2022, which outlines information security controls for general IT environments, by providing guidance for cloud service customers and cloud service providers.

Having already obtained ISO 27001:2022, and ISO 27018:2019, this new certification is another step for Smile in maintaining the highest level of data privacy and security. ISO 27017:2015 differs, or interacts with Smile’s other certifications in the following ways: ISO 27017:2015 provides guidance on implementing ISO 27001:2022 controls in cloud environments and provides additional detailed controls specifically for the cloud, whereas ISO 27018:2019 certification provides guidance on collecting, processing, storing, sharing and destroying personally identifiable information (PII) and protected health information (PHI) data in the cloud.

“Although entirely voluntary, we chose to extend our current certification of ISO 27001 to include ISO 27017 as part of our systematic commitment to risk mitigation. This new certification helps to ensure our overall security posture in the cloud, while protecting applications and sensitive customer data,” said Luis de Barros, Chief Privacy and Security Officer, Smile Digital Health.

In addition to providing cloud-specific implementation guidance to controls already found in ISO 27001:2022, ISO 27017:2015 includes additional cloud controls to address such issues as responsibilities between cloud customers and cloud providers, protection and separation of the customer’s virtual environment, virtual machine configuration, and cloud customer monitoring of activity within the cloud.

“This certification is particularly relevant for customers of Smile’s cloud-based Managed Services offering since it provides these customers with information on what they can expect from Smile and their shared responsibilities in regards to the services. In this way, both Smile and the Managed Service customer are best aligned to meet their security objectives and to protect their data,” said Clement Ng, Head of Global & Corporate Development, Smile Digital Health.

Smile’s Managed Services is an end-to-end service package, encompassing FHIR®-based implementation, maintenance, security, and support for Smile’s Health Data Platform Solutions. To learn more visit Smile’s website: SmileDigitalHealth.com.

About Smile Digital Health

Smile Digital Health is a people-first healthcare solutions company dedicated to unlocking data throughout the health journey, enabling healthcare organizations to focus on delivering enhanced services instead of managing healthcare data. Our enterprise-grade, open framework health data platform fuels healthcare's digital transformation and accelerates value creation across all patient journeys at scale. Powered by our HL7® FHIR® standard-based clinical data repository, our platform makes unifying, enriching and elevating data, while also complying with mandates, a reality. We prepare healthcare providers, payers, researchers, and life sciences organizations for a connected future beyond legacy systems, adding new value through the intelligent use of information, and creating #BetterGlobalHealth overall. Follow Smile Digital on LinkedIn and YouTube.

Source: Smile Digital Health