Information Security and Data Privacy 

Statement of Intent

Patients Know Best (PKB) prides itself as being a leader in the provision of an online Personal Health Record where patients can manage their healthcare needs.  As part of this, we recognise that we have a responsibility to protect all of the information that we process, whether it belongs to our employees, patients, customers, partners, or suppliers. By protecting this information we can ensure that we maintain our reputation as a trusted organisation, employer and partner, enabling us to grow as an organisation and deliver exceptional service to our customers.

To demonstrate our commitment to information security, PKB has implemented industry best practice security controls and assure the effectiveness of the controls through the implementation of the Information Security Management System (ISMS) and how this complies with the ISO 27001:2013 standard, the global standard for managing information security.

It is the responsibility of all PKB staff to become familiar with our information security and data privacy management processes and to comply with all information security and data privacy policies together with the procedures and standards that underpin them.

In turn, we commit to ensure that our information security and data privacy management systems and processes are efficient, effective and continuously improving to protect our information assets while avoiding the reputational, legal and financial harm that would result from a data breach.

The Executive Board fully support the information security management system and require all our staff, whether permanent, temporary, partner organisations, suppliers and contractors to do the same.

Mohammad Al-Ubaydli, Chief Executive Officer

October 2019