Murray PHN is pleased to share that it has achieved ISO/IEC 27001:2022 certification, the international standard for information security.

This achievement has been built on several months of rigorous work to audit, assess and uplift structures, systems, policies, procedures and practices to strengthen our information security management systems.

Murray PHN CEO, Matt Jones, said reaching the standard demonstrates the organisation’s high-level of commitment to its partners, communities and funders in managing information more securely than it ever has before to protect its integrity, confidentiality and availability. 

“Technology, data sharing and cyber threats evolve every day. The health sector remains a prime target for attacks due to the highly sensitive information that’s collected, stored and exchanged.

“As custodians and stewards of data, we take our obligation to effectively mitigate and manage risks and to safeguard information very seriously. 

“We now have a solid foundation and strengthened culture, where every person recognises information security as part of their role”.

Receiving certification is not an end point. Ongoing work and a culture of continuous improvement will ensure Murray PHN maintains and strengthens its commitment to the highest levels of information security.

The Australian Government mandates that all 29 Primary Health Networks achieve ISO/IEC 27001:2022 certification by mid-2026. This requirement ensures that PHNs have an effective system to safely and securely manage the data they receive from the community.