Information Security Policy

Helium Health is committed to implementing and maintaining compliance with ISO/IEC 27001:2013 standard and continuously improving its information security practices. We have established an Information Security Policy in managing an Information Security Management System (ISMS) to protect the integrity, confidentiality and availability of business and customer’s information.

Helium Health commits to:

• Understanding clearly the requirements and expectations of its stakeholders, both internal and external, including the relevant regulatory authorities;
• Working closely with our customers and suppliers to deliver services in a security conscious fashion;
• Ensuring every employee shares responsibility for effective information security;
• Protecting its employees, information, intellectual property, assets, activities and facilities against misuse, loss, damage, disruption, interference, or unauthorised disclosure. It is also critical that we retain the confidence of those who entrust confidential information to Helium Health;
• Developing and maintaining security policies and controls designed to meet the requirements of ISO/IEC27001:2013. Helium Health’s Information Security policies, procedures, guidelines, and standards, reflect the minimum requirements necessary to maintain an acceptable standard for protecting Helium Health’s information assets and, at the same time, Helium Health’s reputation; and
• Implementing an Information Security Management System (“ISMS”) and ensure it is maintained, continually improved, and supported with adequate resources to achieve the objectives set in this Policy Statement.

We will annually review the Information Security policy and the way it operates, or more frequently in the case of significant change to the nature or scope of risk in the business.