Home | Press Room | Site Map | e-supply | Türkçe
sep

PharmaVision

A well-established past since 1954

sep About Us
History
Services
Management Systems
Recognitions
Products
Press Room

Information Security Management System (TS EN ISO/IEC 27001)

A‒  A+  print

Information can exist in various forms: written, electronically classified or orally transferred. PharmaVision considers the information received from the customers as assets due to the nature of its business and provides a high level of confidentiality, integrity and availability. PharmaVision is the first company in the Turkish pharmaceutical sector to finalize the requirements and to receive the TS EN ISO/IEC 27001 Information Security Management System Certificate in 2007, which substantiates that we value our customers.

ISO/IEC 27001 Information Security Management System defines the only existing requirements which are internationally auditable. We as PharmaVision fulfill the requirements of this system by protecting the continuous workflow, increasing the collective awareness by intercompany seminars, risk management studies and internal audits.

We are pleased to sustain our Information Safety Management System by involving our complete workforce and to be worthy of the trust of our customers and business partners.

INFORMATION AND PERSONAL DATA SECURITY POLICY

This policy encompasses all divisions of PharmaVision and all users who will be authorized to access the information systems.
 
The purpose of this policy, as a requirement of Intellectual Property Rights, Personal Data Protection Law No. 6698, TS EN ISO/IEC 27001 Information Security Management and TS EN ISO/IEC 27701 Privacy Information Management Standards, is to ensure the integrity, confidentiality and availability of the company and customer data as an important asset of the organization, protect personally identified information, preserve the business continuity in our organization, sustain the integrity and reliability of our information management system throughout the relationships with all of our business partners and customers.

Our main targets are;

  • To provide appropriate training to increase the awareness of all our associates and to achieve the required information security and personal data. 
  • To determine and assess the risks against potential information security and personal data threats, and to perform appropriate corrective and preventative actions; to achieve the sustainment of these applications by means of risk management.
  • To review the applications of Information Security and Privacy Information Management Systems by carrying out internal audits on a regular basis to ensure that these systems are up to date.
  • To protect production -and analysis- related information provided by our customers.
  • To establish the authorization rules commensurate with the confidentiality level of the information and personal data to be accessed.
  • To support our Information Security Policy with subsystems and instructions such as “Password Management”, “Clean Desk, Clean Screen”, “Authorization in Information Systems”, “Access Control Policy”, “Information Backup”, and “Network Management and Safety”, “Protection from Harmful Code and Software”, “Ensuring Business Continuity in Information Security and Corrective Actions”.
  • To support our Personal Data Policy with subsystems and instructions such as, “PharmaVision Protection and Processing of Personal Data Policy”, “PharmaVision Employees Protection and Processing of Personal Data Policy”.

We commit to continuously improve our Information Security and Privacy Information Management Systems with the overall participation of our employees.

Dr. Ünsal Hekiman
Chairman of the Board/General Manager

 
sep