Joy is a digital platform designed to enhance preventative healthcare. It enables health and social care professionals to link clients to local services and track outcomes effectively. Joy provides several key products:
- Case Management System: Manages client information and daily activities.
- Marketplace: Connects clients to various local support services.
- Insights App: Offers analytics to measure health initiatives and identify gaps in service provision.
The platform integrates with existing clinical systems to streamline processes and improve care delivery.
The Challenge:
Joy faced several cybersecurity challenges that posed potential risks to their operations. Their main hurdles included:
- The necessity to comply with ISO 27001 standards to unlock more commercial opportunities and win more contracts.
- Meeting the NHS Data Security and Protection Toolkit (DSPT) compliance requirements.
- Achieving Cyber Essentials certification to protect their platform from common cyber threats.
- Reducing risks that organisations in the medical sector typically face, such as data breaches and cyber-attacks.
Without addressing these challenges, Joy risked losing credibility, facing financial losses, and potentially compromising sensitive client information.
Solutions
Periculo brought its extensive expertise in cybersecurity to address Joy’s unique needs. Our tailored solutions included:
- Implementation of ISMS: We developed a robust Information Security Management System (ISMS) to ensure systematic management of sensitive information.
- Audit Preparation for ISO 27001: Our Virtual Information Security Manager service ensured Joy was always audit-ready, maintaining compliance with ISO 27001 standards.
- Penetration Testing: We conducted comprehensive penetration testing to identify and mitigate vulnerabilities in Joy’s platform.
- Cyber Essentials Certification: We guided Joy through the process of achieving Cyber Essentials certification, further strengthening their cybersecurity posture.
Implementation
The implementation process was meticulous and thorough, reflecting Periculo’s commitment to excellence:
- Risk Identification and Prioritisation: We collaborated with Joy’s stakeholders to identify risks and prioritise areas for improvement.
- Audit Coordination: We arranged audits with external bodies to validate the effectiveness of Joy’s security measures.
- Utilisation of Harpe: To maintain the ISMS, we utilised Harpe, a powerful tool that ensures continuous monitoring and management of information security.
Results:
- Our efforts resulted in a continually improving ISMS, externally audited on an annual basis. This demonstrated Joy’s commitment to information security and significantly increased their commercial viability. Additionally, the robust security measures implemented reduced the risk of cyber-attacks, ensuring that Joy’s product remains secure. Our support also enabled Joy to respond confidently to customer RFPs, showcasing their dedication to cybersecurity.
Patrick from Joy shared his experience, stating:
"Periculo's expertise was invaluable in achieving our cybersecurity goals. Their tailored approach and meticulous attention to detail ensured we met industry standards and secured our platform against potential threats. The support provided throughout the process was exceptional, and we are now better equipped to serve our clients securely."
This case study highlights how Periculo made a positive impact on Joy’s operations. By addressing their unique challenges, Periculo enabled Joy to achieve CE+ certification, comply with ISO 27001, and enhance their overall security posture.