Akgun Journal
News
Another assuring work from AKGÜN…
Another assuring work from AKGÜN…
20 April 2018 - Friday
AKGÜN HBYS(Hospital Information Management System), has been certified as the Hospital Information system software with highest security quality. It has fully achieved TS ISO/IEC 15408 Security Evaluation as requested by the Ministry of Health and awarded with the certificate.
AKGÜN Health Information System is the first Health Application which passes Security Evaluation and certified in accordance with Protection Profile for Security Module of General Purpose Health Informatics Software v1.0, Release Date: 07.09.2016 which is published by Turkish Standards Institute.
Compatible solutions for National Cyber Security Purposes are provided by AKGÜN Software Health Information System.
AKGÜN, company of firsts, breaks a new ground in the sector and certifies its compliance with TS ISO/IEC 15408 Information Technologies IT Products Security Level Certification (Common Criteria) Standard. By means of Common Criteria Certification, it is verified by an accredited and independent laboratory that AKGÜN Health Applications fulfill the minimum conditions set by TSE in the work environment, step by step starting from design stage to the final product.
In accordance with Strategic Cyber Security Objectives set out in the National Cyber Security Strategy which has been published by the Ministry of Transport, Maritime Affairs and Communication in 2016-2019; the purposes of;
Providing that software and hardware solutions used in critical infrastructures fulfill the security requirements,
Providing security inspections in accordance with international standards,
Preventing misuse of the security purposes of domestic and foreign software and hardware solutions,
Developing secure software development and creating supply management culture,
Are achieved by Common Criteria Certification of AKGÜN Software Health Information System.
As AKGÜN Software, we are leading for providing our Health Applications to be in international security and quality standards by adopting the solutions which are developed in accordance with Common Criteria for Health Sector that is considered as critical infrastructures, with both Cyber Security Action Plan and Software Sector Strategic Action Plan.
About TS ISO/IEC 15408 Information Technologies IT Products Security Level Certification:
TS ISO/IEC 15408 Information Technologies IT Products Security Level Certification (Common Criteria) is the international test standard which applies functional and penetration tests to Information Technologies (IT) products and systems in terms of confidentiality, availability and integrity, and determines the assurance level of the product or system in terms of confidentiality, availability and integrity according to the test results pursuant to ISO 15408.
TS ISO/IEC 15408 Common Criteria Standard is defined according to the Evaluation Assurance Level: EAL of IT applications. There are 7 EAL levels (EAL 1-7) in the Common Criteria. Products entering certification are expected to meet very strict security requirements and subject to strict security test protocol.
The condition, person and software etc. threatening the security, confidentiality, integrity and system of information systems are considered as threats for these systems. These threats are theft of medical and financial data of customers, deleting and theft of customer data bases, virus in the system, theft of files with commercial confidentiality, interruption of internet connections. Health Information Systems collect, manage and share minimum patient personal information including patient privacy required for treatment and also other diagnosis, treatment and medical data. For this reason, medical application is in the critical application class and its security and reliability are very important.
By Common Criteria (ISO/IEC 15408), both software and hardware secure software development infrastructure in IT infrastructure, user authorization and authorized access control for the product, providing confidentiality and integrity of information on the network by secure password infrastructure between client/server by using SSL (Secure Socket Layer) in network communication and safe and periodic test processes ensure to keep this environment updated all the time.
AKGÜN, which provides the most appropriate solution for threats that may occur in operational environment, unauthorized external interventions and attack potential, provides full compliance of its applications with TS ISO/IEC 15408 Information Technologies IT Products Security Level Certification-Common Criteria Standard requirements in order to offer safer and more reliable solutions to its customers.