Gippsland PHN has achieved ISO/IEC 27001:2022 certification, the internationally recognised standard for information security management systems (ISMS).
ISO 27001 certification confirms that Gippsland PHN has robust and systematic controls in place to protect sensitive information. This includes personal, clinical and organisational data. The standard requires organisations to identify risks, implement appropriate controls, and continuously monitor and improve information security practices. Certification is independently audited against global best practice.
This achievement reflects extensive work across the organisation to strengthen governance, risk assessment processes, policies and staff awareness. These efforts support the safe and responsible management of information that underpins service delivery, planning and partnerships across Gippsland.
Chief Executive Officer Amanda Proposch said the certification is an important milestone for the organisation.
“Achieving ISO 27001 certification is an important milestone for Gippsland PHN. Our Information Security Management System provides a structured and proactive approach to managing risk and protecting information.
This certification gives our partners and community confidence that sensitive information is handled securely and responsibly, and that we are committed to continuous improvement.”
ISO 27001 certification supports national expectations for Primary Health Networks and reinforces Gippsland PHN’s commitment to strong governance, accountability and trust.
