Information Security Policy ISO 27001

EUREKA FERTILITY, a company dedicated to Online Marketing and technical solutions in the assisted reproduction sector, has decided to implement an Information Security Management System based on the ISO 27001 standard with the objective of preser ving the confidentiality, integrity and availability of information and protecting it from a wide range of threats. This Management System is designed to ensure business continuity, minimise damage, maximise return on investment and business opportunities, and support continuous improvement.

The Management of EUREKA FERTILITY is aware that information is an asset of high value to the Organisation and therefore requires adequate protection.

The Management of EUREKA FERTILITY establishes the following as base objectives, starting points and foundations of the information security objectives and principles:

  • Protection of personal data and the privacy of individuals
  • Safeguarding the organisation's records
  • Protection of intellectual property rights
  • Documentation of the information security policy
  • Assignment of security responsibilities
  • Training and qualification for information security
  • Recording of security incidents
  • Business continuity management
  • Management of changes that could occur in EUREKA FERTILITY relating to security

The Management of EUREKA FERTILITY, through the development and implementation of this Information Security Management System, undertakes the following commitments:

  • Develop products and services in compliance with legislative requirements, identifying applicable legislation to the lines of business covered by the scope of the Information Security Management System.
  • Establish and fulfil contractual requirements with stakeholders.
  • Define security training requirements and provide the necessary training to all stakeholders through the establishment of training plans.
  • Prevent and detect viruses and other malicious software through the development of specific policies and the establishment of contractual agreements with specialised organisations.
  • Manage business continuity, developing continuity plans in accordance with internationally recognised methodologies.
  • Establish the consequences of security policy violations, which shall be reflected in contracts signed with stakeholders, suppliers and subcontractors.
  • Act at all times within the strictest professional ethics.

This Policy provides the reference framework for the continuous improvement of the Information Security Management System and for establishing and reviewing the objectives of the Information Security Management System. It is communicated to the entire Organisation through the document management system installed in the organisation and its publication on information panels, reviewed annually for its adequacy and on an extraordinary basis when special circumstances and/or substantial changes arise in the Information Security Management System, and is available to the general public.

Scope

The requirements for compliance with the ISO/IEC 27001 Information Security Management standard are applicable to all our online reproduction marketing and assisted consulting services for clinics according to the current Statement of Applicability document.

Understanding that EUREKA FERTILITY is not an isolated entity, but that we consider our environment, assimilating and understanding the context in which we operate, its internal and external stakeholders, as well as the results of its risk assessments, service, legislative or regulatory requirements, as well as any other, it aims to satisfy all their expectations by providing services aligned with information security.