Government-backed certification and support from a leading UK cyber security provider helps to ensure robust protection for our systems and data.
We acknowledge the need to safeguard sensitive data in the healthcare sector and we take that responsibility seriously. For all Bowmed Ibisqus clients and partners, here’s an overview of the advanced cyber security measures we have embedded in our infrastructure and operational practices, to ensure resilience, compliance and trust. If you require further information or clarification about any of our cyber security measures, please contact us at [email protected]
UK government-backed accreditation
As one of the early adopters of the UK government’s Cyber Essentials scheme, we have demonstrated long-standing commitment to foundational security controls. This certification reflects our proactive stance against common threats.
A dedicated cyber security provider
Our certification and best practice standards are maintained through close collaboration with a dedicated cyber security provider, Intersys. We keep pace with fast-evolving security threats because our provider ensures continuous alignment with evolving standards and threat intelligence.
Intersys further strengthens our defences with a Security Operations Centre (SOC). This is considered the gold standard in cyber security and provides 24/7 monitoring, threat detection and incident response capabilities.
Industry best practice in action
Here’s some of the best practice methods we use to maintain robust defences against cyber-attacks and protect data.
- Data protection is enforced through strong encryption protocols, applied both in transit and at rest.
- Multi-factor authentication (MFA) is mandatory across all critical systems to mitigate the risk of unauthorised access.
- The principle of least privilege (PoLP) underpins access rights, ensuring users and systems only interact with the data and resources necessary for their roles. This minimises exposure and limits the impact of any potential compromise.
- Automated vulnerability scanning enhances our security posture, by continuously assessing our systems to enable early identification and remediation of weaknesses before they can be exploited.
- Ongoing staff training through cyber security awareness reinforces a culture of vigilance and shared responsibility across the organisation.
- Supplier due diligence. As repeated incidents in the national press have revealed, supplier due diligence must form a critical part of a risk management strategy. All of our third-party partners are assessed to ensure alignment with security standards and regulatory obligations.
- Proactive response and transparency. In the unlikely event of a security incident involving personal data, Bowmed Ibisqus will notify the Information Commissioner's Office (ICO) and affected customers within 72 hours, subject to the severity and impact of the breach.
We have nothing to hide – and we invite your scrutiny
We encourage any interested partners to undertake ethical security research. Individuals who identify potential vulnerabilities in our systems are invited to report them via [email protected], in line with our responsible disclosure policy.
