    • Case Study
      Healthcare

    Boosting Trust and Security Through Certification

    Clatterbridge Cancer Centre NHS Foundation Trust achieves ISO 27001:2022 with BSI.

    “The public sector is entrusted with vast amounts of personal and sensitive data, making adherence to legal and regulatory requirements a top priority.” 

    Richard Pilkington IT Security Manager, Clatterbridge Cancer Centre Trust
    About BSI

    A renowned cancer treatment and research facility

    The Clatterbridge Cancer Centre NHS Foundation Trust prioritizes data security to protect patients, staff, and stakeholders across its four sites.

    To enhance information security and protect patient records, the Trust pursued ISO 27001 certification. With support from BSI and a management system consultancy, Clatterbridge achieved certification and transitioned to ISO 27001:2022.

    The Challenge

    Meeting Regulatory Demands and Protecting Patient Data

    Clatterbridge Cancer Centre faced growing regulatory demands and evolving cyber threats while handling sensitive patient data and personal information. To comply with legal obligations and NHS data security requirements, including the UK Data Protection Act and GDPR, the Trust needed a comprehensive framework to protect patient data and mitigate risks. The goal was to enhance data confidentiality, integrity, and availability through systematic, organization-wide security practices, building confidence and trust among patients and staff.

    The Solution

    Achieving cyber resilience through information security certification

    Clatterbridge engaged with BSI, their ISO 9001 partner, reviewed the ISO 27001 clauses, scope, and security needs, and established an ISMS with their consultant. They centralized the ISMS in SharePoint, ensuring comprehensive coverage and that relevant controls were applied across all four sites. The Trust performed mock audits internally before successfully achieving ISO/IEC 27001 certification and transitioning to ISO 27001:2022, adding 11 new controls. This aligned with other standards, simplifying integration and reinforcing security.

    The Benefits

    Proactively safeguarding data and ensuring service continuity.

    • Reassuring patients, staff, and stakeholders by proactively safeguarding data.

    • The strengthened ISMS ensures critical services continue during cyber threats, boosting resilience.

    • Regular audits and improvements foster commitment to data security and resilience.

    • Transitioning to ISO/IEC 27001:2022 helps Clatterbridge address modern threats and align standards.

    Statistics

    • Over 50% of public sector and NHS entities report cyber-attacks occurring at least once a month.

    • Cybercrime costs the UK around £27 billion annually.

    • UK businesses and public organizations faced 7.78 million cybercrimes between 2023 and 2024.

    • Phishing remains the most prevalent type of cyber breach or attack.

    “BSI’s expertise and support made our ISO 27001 journey seamless, providing insights that strengthened our information security framework.” 

    Richard Pilkington IT Security Manager, Clatterbridge Cancer Centre Trust