    • Case Study
      Healthcare

    Lakeridge Health achieves certification for ISO/IEC 27001 and ISO/IEC 27701

    Protecting an organization from cyberattacks requires a multi-layered strategy combining technology, processes, and people.

    “By achieving ISO 27001 and 27701 certifications, Lakeridge Health shows its commitment to superior data security and privacy risk management.” 

    Dr. Ilan Lenga, Chief Information Officer and Chief Privacy Officer, Lakeridge Health
    The people

    Embodying a commitment to safety and privacy

    Lakeridge Health strengthens cybersecurity to protect vital patient information and records.

    Lakeridge Health has five hospitals, four emergency departments, three critical care units, a long-term care home, and over 20 community healthcare locations, delivering acute, ambulatory, and long-term care services.

    The Challenge

    Balancing privacy protection and information security

    The challenge is accountability — we needed third-party verification to make sure we were on the right track. There are no actual defined governance or regulatory bodies to report to for cybersecurity issues. This brings accountability into the picture. How do we handle accountability?

    Technology, clinical systems, and privacy are all integrated and part of the daily workflow, so we needed to have both cybersecurity and privacy protection.

    With third-party accreditation, Lakeridge Health was able to meet the required standards.

    The Solution

    Reinforcing the foundation for strong security

    ISO 27001 provided a solid foundation for achieving our security goals, delivering a vigorous risk management framework that aligned with our needs. It gave us a comprehensive view of how to approach security across the organization.

    With privacy now integrated under IT, implementing ISO 27701 allowed us to seamlessly incorporate privacy considerations into our daily workflow, fortifying our security protocols. These two systems together made sense to us.

    By getting certified by a third party, we are meeting these standards.

    The benefits

    ISO 27001's flexibility lets organizations tailor policies to specific needs.

    • It helps to define necessary controls and best practices, creating a solid structure.

    • ISO 27001's flexibility lets organizations tailor policies to specific needs.

    • This standard offers a framework for improving security without defining specific actions.

    • Create a customized policy based on what the organization needs.

    Stats and impact

    • 10 percent

      In 2024, the global average cost of a data breach increased 10% over the previous year.

    • 10.5 trillion

      Cyberattacks are expected to cause $10.5 trillion of damage by 2025.

    • 97 percent

      97% of companies gained competitive advantage or investor appeal from privacy investments last year.

    • 57 percent

      Over 57% of healthcare organizations struggle to keep skilled cybersecurity professionals.

    Why BSI

    BSI helps organizations stay future-ready with best practices.

    BSI helps organizations stay future-ready by instilling best practices and showcasing global expertise. As a key member of the ISO/IEC 27001 development committee, we're your trusted partner in improving digital security.

    Strengthening your data security to mitigate cyberattacks

    We can help you integrate both ISO 27001 and 27701 into your wider business strategy.