Information Security & Privacy

Policy statement
Agfa HealthCare is committed to support care providers in protecting the privacy of their patients by delivering secure products and services.

We strive to:

  • make Information Security & Privacy an integral part of the quality of our products and services and of our organization and operations;
  • protect patient privacy
  • comply with privacy and security regulations which are applicable to our organization and customers;
  • secure information as critical asset of our business.

Information Security and Privacy in our products and services
Agfa HealthCare invests significant time and means to integrate security and privacy throughout the life cycle of its products and services. The privacy and security measures we apply include, but are not limited to:

  • Risk management and architectural analysis
  • Secure development
  • Authentication and access control to prevent unauthorised access and modification
  • Audit logging to enforce accountability
  • Minimum security and privacy requirements for compliance with relevant regulations and standards
  • Vulnerability scanning and penetration testing
  • Encryption and pseudonymisation
  • De-identification
  • Security and privacy by design and by default

Agfa Healthcare’s ISO 27001 certification
In order to fulfil its Information Security & Privacy commitment, Agfa HealthCare has also established an Information Security Management System (ISMS). This ISMS has been ISO 27001 certified since 2010 and its scope is gradually extending to cover all products, solutions and geographies.

Manufacturer Disclosure Statement for Medical Device Security
Agfa HealthCare also provides information about security controls implemented in its healthcare products and solutions through the publication of MDS2 Statements.

For additional inquiries, please contact us here.

Updates