SWEDISH CARE SAĞLIK HiZMETLERi A.Ş.

Quality and Information Security Policy

As the senior management of SWEDISH CARE SAĞLIK HİZMETLERİ A.Ş., we proudly pledge that;

The main theme of the “ISO/IEC 27001: 2017 Information Security Management System (ISMS)” and “ISO/IEC 27701 KVYS” standards in SWEDISH CARE SAĞLIK HİZMETLERİ A.Ş. services is basically:

  • To demonstrate that information security management is provided within human, infrastructure, software, hardware, customer information, organisation information, all business and transactions, third party information and financial resources, 
  • To ensure quality and risk management,  
  • To measure information-quality security management process performance,
  • And to regulate relations with third parties on issues related to quality-information security and customer satisfaction.

In this direction, the purpose of our ISMS and KVYS Policy is:

  • To protect the information assets of SWEDISH CARE SAĞLIK HİZMETLERİ A.Ş. against all kinds of threats that may occur from inside or outside, intentionally or unintentionally, 
  • To ensure accessibility to information as required by business processes, to meet the requirements of legal legislation,
  • To work towards continuous improvement,
  • To ensure the continuity of the four basic elements of the Information Security Management System in all activities carried out:

Confidentiality: Preventing unauthorised access to important information,

Integrity: Demonstrating that the accuracy and integrity of the information is ensured,

Accessibility: Demonstrating that authorised persons can access information when necessary,

Leadership and Commitment: Senior management of our company leads the establishment and implementation of ISMS and provides high level participation in ISMS practices.

Personal Information

  • To deal with the security of not only the data kept electronically, but also all data in written, printed, verbal and similar media.
  • To ensure awareness raising by providing Information Security Management training to all personnel.
  • To report to the ISMS and KVYS Team all the openings that actually exist or arouse suspicion in Information Security and to ensure that they are investigated by the ISMS and KVYS Team.
  • To prepare, maintain and test business continuity plans.
  • To identify existing risks by making periodic assessments on Information Security. As a result of the evaluations, to review and follow up action plans.
  • To prevent any disputes and conflicts of interest that may arise from contracts.
  • To meet the business requirements for information accessibility and information systems.

19.16.2023