Cimas Health Group has achieved a major milestone in data protection, transitioning to the internationally recognised ISO/IEC 27001:2022 certification, a move the organisation says reinforces its commitment to safeguarding sensitive patient and client information.
The certification marks an upgrade from the earlier ISO/IEC 27001:2013 standard and positions Cimas among a small group of healthcare providers in Zimbabwe to meet the latest global benchmark for information security management systems.
The transition comes as healthcare institutions worldwide face increasing pressure to secure digital records and protect against cyber threats, particularly as systems become more digitised.
Cimas Chief Executive Officer Vuli Ndlovu said the certification reflects the organisation’s broader commitment to operational integrity and data protection.
“Confidentiality, integrity and operational excellence are central to how Cimas Health Group operates,” Ndlovu said, adding that the new certification aligns the organisation with internationally recognised standards for managing sensitive information.
To meet the updated requirements, Cimas implemented a series of upgrades to its information technology infrastructure, alongside improvements in staff training, risk assessment protocols and governance systems.
These measures were evaluated through an independent audit conducted by the Standards Association of Zimbabwe at the group’s headquarters in Harare.
The ISO/IEC 27001:2022 framework sets out strict guidelines for how organisations manage data security, including how they detect, respond to and mitigate cyber risks.
Cimas said it has established comprehensive systems to monitor potential threats and respond to incidents as part of its updated approach.
The organisation added that its Information Security Management System now governs not only its technology infrastructure but also how employees and internal processes handle patient and client data, ensuring that information remains protected at every level.
For patients and partners, the certification serves as a signal that their data is being handled in line with global best practices, at a time when concerns around privacy and cybersecurity continue to grow.
Cimas said the upgrade is part of its broader digital transformation strategy and reaffirmed its commitment to maintaining high standards in protecting confidential information entrusted to the organisation.
Share Your Comments