FRANKLIN LAKES, N.J. (Oct. 26, 2022) – BD (Becton, Dickinson and Company), a leading global medical technology company, today announced its enterprise-level Information Security Management System (ISMS) has been certified to a rigorous set of independently audited international standards for information security, further demonstrating the company’s ongoing commitment to protecting BD, its customers and patients from cybersecurity risks.
ISO/IEC 27001:2022 is a globally recognized set of information security standards established by the International Standards Organization (ISO) and the International Electrotechnical Commission (IEC). Certification provides assurance that an organization conforms with specific requirements for managing information security, including establishing, implementing, maintaining and continually improving its Information Security Management System (ISMS).
“Cybersecurity continues to be a top priority for Merck and all of health care,” said Michael Harrison, associate director of supplier risk management for Merck. “As an important supplier to Merck, BD’s ISO 27001 certification demonstrates it is aligned with Merck’s cybersecurity priorities and is committed to maintaining a cybersecurity program designed to protect medical devices, hospitals and patients.”
ISO/IEC 27001:2022 standards also include requirements for assessing and addressing information security risks. During the two-stage external audit process, auditors verified the company’s Information Security policies, Statement of Applicability (SoA) and Risk Treatment Plan (RTP) to certify that BD meets ISO/IEC 27001:2022 requirements.
“ISO 27001 certification provides fundamental assurance for customers that BD meets rigorous international standards for managing information security, including protected health information and personal identifiable information,” said Rob Suarez, chief information security officer for BD. “This distinction validates that our system for managing information security is appropriately designed and implemented, which is especially critical as regulatory demands for effective cybersecurity controls increase around the world.”
BD is one of the largest global medical technology companies in the world and is advancing the world of health by improving medical discovery, diagnostics and the delivery of care. The company supports the heroes on the frontlines of health care by developing innovative technology, services and solutions that help advance both clinical therapy for patients and clinical process for health care providers. BD and its 75,000 employees have a passion and commitment to help enhance the safety and efficiency of clinicians' care delivery process, enable laboratory scientists to accurately detect disease and advance researchers' capabilities to develop the next generation of diagnostics and therapeutics. BD has a presence in virtually every country and partners with organizations around the world to address some of the most challenging global health issues. By working in close collaboration with customers, BD can help enhance outcomes, lower costs, increase efficiencies, improve safety and expand access to health care. For more information on BD, please visit bd.com or connect with us on LinkedIn at www.linkedin.com/company/bd1/ and Twitter @BDandCo.
Associate Director, Cybersecurity Communications
SVP, Head of Investor Relations