To enhance information security and protect patient records, the Trust pursued ISO 27001 certification. With support from BSI and a management system consultancy, Clatterbridge achieved certification and transitioned to ISO 27001:2022.
Clatterbridge Cancer Centre NHS Foundation Trust achieves ISO 27001:2022 with BSI.
“The public sector is entrusted with vast amounts of personal and sensitive data, making adherence to legal and regulatory requirements a top priority.”
Clatterbridge Cancer Centre faced growing regulatory demands and evolving cyber threats while handling sensitive patient data and personal information. To comply with legal obligations and NHS data security requirements, including the UK Data Protection Act and GDPR, the Trust needed a comprehensive framework to protect patient data and mitigate risks. The goal was to enhance data confidentiality, integrity, and availability through systematic, organization-wide security practices, building confidence and trust among patients and staff.
Clatterbridge engaged with BSI, their ISO 9001 partner, reviewed the ISO 27001 clauses, scope and security needs, and established an ISMS with their consultant. They centralized the ISMS in SharePoint, ensuring comprehensive coverage and that relevant controls were applied across all four sites. The Trust performed mock audits internally before successfully achieving ISO/IEC 27001 certification and transitioning to ISO 27001:2022, adding 11 new controls. This aligned with other standards, simplifying integration and reinforcing security.
Proactively safeguarding data and ensuring service continuity.
Over 50% of public sector and NHS entities report cyber-attacks occurring at least once a month.
Cybercrime costs the UK around £27 billion annually.
UK businesses and public organizations faced 7.78 million cybercrimes between 2023 and 2024.
Phishing remains the most prevalent type of cyber breach or attack.
“BSI’s expertise and support made our ISO 27001 journey seamless, providing insights that strengthened our information security framework.”