Tufts Health Plan Receives ISO 27001 Certification

One of the highest international standards for Information Security

September 06, 2018  

Watertown, MA – For the fifth year in a row, Tufts Health Plan has received ISO 27001 certification, one of the most rigorous certifications related to information security management.

“ISO 27001 is the gold standard certification for cybersecurity, and we are very proud of the fact that it covers all aspects of our business and operations,” said Deborah Stevens, chief security officer at Tufts Health Plan. “We owe a great deal of gratitude to our employees, who take their responsibility to protect our members’ personal information very seriously, and work tirelessly to ensure our business operates with the highest security standards and practices.”

ISO 27001 is a globally recognized standard for companies and organizations that implement stringent procedures to keep data and information secure, including financial information, intellectual property, employee details or customer and member information. While many companies maintain practices to keep their customers’ information safe, an information security management system, such as the one at Tufts Health Plan, continuously looks at an organization's risks and potential vulnerabilities, adapting to new threats and implementing strategies to secure that information. Tufts Health Plan received the certification from Schellman & Company, LLC, a leading national provider of attestation and compliance services.

“Over the last five years, Tufts Health Plan has demonstrated a dedication to security and compliance, continuously adapting to an evolving cybersecurity landscape,” said Jay Imszennik, a senior manager at Schellman & Company, who helped lead the audit of Tufts Health Plan’s systems. “To accomplish this level of compliance, a company must have the highest level of security aimed to protect the sensitive information of its members and partners. We applaud Tufts Health Plan for their continued commitment to information security.”