CIRU’s success in ISO 27001
certification
We are thrilled to share that our department, The Clinical Informatics Research Unit have been successful in achieving certification to an international information security management system (ISMS) standard called Information Security Management System (ISO 27001). The standard provides a framework for organisations to manage their information security and protect their data. Achieving ISO 27001 builds trust with our clients and demonstrates the Unit’s commitment in securing confidential information. The certification has been recognised by BSI – information on this company found further below.
The certification was achieved in March 2025 following an in-depth audit process and 18 months of hard work from our small team here at CIRU. The lack of critical, major, or minor findings clearly demonstrates the quality and dedication of the department.
Following this great achievement we spoke to Professor James Batchelor, CIRU Director / Associate Dean International Research & Enterprise, Faculty of Medicine, who said the following:
“The ISO 27001 certification is a testament to the dedication, meticulous planning, and collaboration of the CIRU team. From thorough risk assessments to implementing strong security controls and producing key documentation, the team has shown exceptional professionalism and commitment to excellence. I’m truly grateful for the team’s hard work in reaching this milestone. This achievement reflects our collective expertise and dedication to maintaining the highest standards of information security at CIRU.”
About CIRU:
CIRU has over 25 years of experience in providing clinical research solutions and services across the globe, advancing data excellence, quality, management, and improving research conduct. The University department of no more than 35 employees works with organisations across 7 continents including Europe, North America, South America, Australasia, Asia, and Africa. Achieving ISO 27001 strengthens CIRU’s reputation in both data security and patient safety, not only to their clients but to their partners, stakeholders, and to the public.
David Mudd, Global Head of Digital Trust Assurance at BSI, remarks:
“The global digital landscape means core research practices are increasingly cloud-based and digitally reliant, and it is essential for organizations like CIRU to remain vigilant against cyber threats, particularly in the realm of healthcare and clinical research. Achieving certification highlights CIRU’s commitment to safeguarding sensitive data, ensuring the integrity of clinical research, and adhering to global best practices in establishing digital trust. CIRU should be commended for its proactive approach to managing information security, supporting regulatory compliance, and strengthening resilience for the future of clinical informatics research.”
About BSI:
Since 1901, BSI has been creating an enduring legacy of transformation for the benefit of all. Across all divisions and services, BSI delivers on its purpose by helping its clients to fulfil theirs. For over a century, BSI has driven best practice in organizations around the world and support a 13,000-strong global community of experts. With our extensive expertise in standards, Assurance, Regulatory, and Consulting services, we can support you to enhance your performance, achieve sustainable growth, manage risks, and be a partner in progress.
For more information contact ciru@soton.ac.uk