We use cookies and third-party cookies to improve our services.
If you continue browsing this page, we consider that you accept our use of cookies in the terms indicated in our Cookies Policy.

SGSI Policy

Open HealthCare S.L. is aware of the importance of information security, especially that relating to employees, clients and business processes, has implemented an information management system based on the ISO 27001 standard:

In order to develop the express commitment of the Organization in continuous improvement of the management system, the Management establishes the following management principles of information security:

  • Knowledge and application by all employees and collaborators, according to their role within the Company, security policies and procedures, both general ones and those that may apply to specific groups, including:

    • Access control, opening and closing of facilities.

    • Information and treatment of visits to the facilities.

    • Training, awareness and motivation in safety.

    • Knowledge of roles and responsibilities.

    • Business continuity management.

    • Consequences of failure to comply with security policies.

    • Support in information security management.

    • Compliance with legislation.

    • User Good Practices Manual.

  • Diligence on the part of all employees and collaborators in the communication of possible security incidents.

  • It is necessary to ensure that the procedures that determine the confidentiality, integrity, availability, traceability and authenticity of the information.

  • Support for the security organizational structure established to meet objectives information security control and continuous risk management.

  • Guarantee the correct use of facilities and equipment so that are in accordance with the activity and objectives of the organization.

  • Commitment to protecting the safety and health of its workers, as well as implement an adequate work environment.

  • Structure our management system so that it is easy to understand.

The management of our system is entrusted to the person responsible for Management and the system will be available in our information system in a repository, which can be accessed access according to the access profiles granted according to our current procedure access management.

This policy is complemented by the rest of the policies, procedures and documents in force to develop our management system.

These principles are assumed by the Management, who has the necessary means for its implementation and are communicated for compliance by all employees and collaborators of the company through this Security Policy of the company Information.