- Information Security Policy
Information Security Policy
It covers the academic education, training and administrative activities of our hospital and the information assets related to these activities, and the relevant business processes within the scope of the information it carries out to protect these assets.
Our Information Security Management System ensures that our activities within its scope are carried out in accordance with the ISO 27001:2013 standard.
Our ISO 27001:2013 Information Security Management System Policy;
- To provide secure access to the information assets of itself and its stakeholders,
- To protect the availability, integrity and confidentiality of information,
- Evaluating and managing the risks that may occur on the information assets of itself and its stakeholders,
- To apply the necessary sanctions in case of violation of information security,
- To meet the information security requirements arising from the national and international regulations to which it is subject, fulfilling the legal and relevant legislation requirements, meeting the obligations arising from the agreements, and corporate responsibilities towards internal and external stakeholders,
- To reduce the impact of information security threats on business/service continuity, to ensure business continuity and sustainability,
It undertakes to maintain and improve the level of information security with the established control infrastructure.
Business Administration BY.YD.05 Rev No: 1 Rev Date: 30.09.2021 Effective Date: 19.03.2018