Fraternidad-Muprespa information security ISO 27001

INFORMATION SECURITY ISO 27001 AND ENS

Fraternidad-Muprespa , Mutua Collaboradora con la Seguridad Social , No. 275 has implemented an Information Security Management System (ISMS) according to standard UNE-ISO/IEC 27001:2022 . The SGSI was audited and certified for the first time by the Spanish Association for Standardization and Certification, AENOR , in December 2010 and since then this entity has carried out the corresponding periodic audits, all of which have been successfully passed. The scope of the SGSI is the set of all computer applications and services developed by the General Subdirectorate of Information Systems, including, among others, healthcare medicine applications, electronic medical records and other developments resulting from the digitalization process undertaken by the Mutual Fund.

This certificate takes on special importance in an environment in which personal data is handled that is part of the special categories of data such as the health data of workers treated in the Mutua's healthcare centers. All of this is materialized in the Information Systems Security Policy, which guarantees the commitment and diligence of the Management.

In addition, in 2024 the certification of the Digital Office has been received according to the National Security Scheme , regulated in the Royal Decree 311/2023 of January 8 . The certification has been issued by AENOR and its scope extends to the digital services provided by the Mutual Fund to the users of its Digital Office, that is: associated companies, collaborating consultancies, affiliated self-employed workers, suppliers and insured employees. The National Security Scheme is applicable to the entire public sector, and therefore to Fraternidad-Muprespa as a Mutual Collaborator with Social Security.

In addition, data protection , which, although currently not mandatory, the entity considers it essential for adequate data protection. The company responsible for this audit, which is contracted in accordance with the Public Sector Contracts Law through an open procedure with advertising, issues a certificate of completion of the audit that is available to our companies, self-employed workers and protected workers, as well as the rest of the agents of interest, including the Spanish Agency for Data Protection .

In short, the objective pursued by Fraternidad-Muprespa with this management system is to offer a set of information systems that support the service provided to all its mutual members, guaranteeing compliance with regulations and security in each of its dimensions, that is; integrity, availability, confidentiality, traceability and authenticity, which is reflected in a quality service aligned with its principles of Social Responsibility Corporate.

Information Systems and ENS

SGSIS FRATERNIDAD MUPRESPA CERTIFICADO AENOR ISO 27001
SGSIS FRATERNIDAD MUPRESPA CERTIFICADO IQNET ISO 27001
Certificado de Conformidad con el Esquema Nacional de Seguridad
¿Que te ha parecido el contenido?