ISO 27001
International standard for information security management systems (ISMS).
ISO/IEC 27001 is the global standard for establishing, implementing, and maintaining an Information Security Management System (ISMS). It specifies 93 security controls across 4 organisational domains. Healthcare technology vendors are increasingly expected to hold ISO 27001 certification to demonstrate systematic security management to hospital customers. MOVO-X is currently undergoing ISO 27001 certification with a target completion date of Q3 2026.
Malaysian Context
KPJ Healthcare procurement requires ISO 27001 certification (or equivalent) for all technology vendors handling patient data. MOH government hospital ICT procurement also mandates ISO 27001 or MS ISO/IEC 27001.
Related Terms
Encryption at Rest
The encryption of stored data so it cannot be read if storage media is physically compromised.
Audit Log
An immutable chronological record of all user actions and system events for compliance tracing.
PDPA 2010
Personal Data Protection Act 2010 — Malaysia's primary data privacy law governing all healthcare data.
Use MOVO-X for ISO 27001
MOVO-X is Malaysia's leading platform for iso 27001 in hospitals and clinics. PDPA 2010 compliant, PHFSA 1998 compliant, MyKad NFC ready.