TRIMEDX receives International Organization for Standardization’s world-class information management security recertification

Healthcare technology leader recognized for its continued commitment to data security and operational excellence in technology

Indianapolis, Indiana, Nov. 28, 2023 (GLOBE NEWSWIRE) -- TRIMEDX―an industry-leading, independent clinical asset management company delivering clinical engineering services, clinical asset informatics, and medical device cybersecurity―has been recertified with the highly regarded International Organization for Standardization’s Information Management Security certification ISO/IEC 27001:2013, a widely recognized international standard outlining best practices for information security management. This recertification, valid through Dec. 2026, reverifies that TRIMEDX meets the latest information security industry standards while maintaining and enforcing policies and procedures to ensure the security of data.

“This reaffirms our commitment to excellence for our clients, associates, and stakeholders,” says TRIMEDX CEO Henry Hummel. “We continue our commitment to protecting healthcare providers’ confidential data, ensuring patient safety, and demonstrating operational excellence and rigor around technology and data development and control.”

ISO 27001 provides requirements to companies seeking to implement a comprehensive information security management system (ISMS) to effectively provide security of information assets, through a systematic risk management process covering people, processes, and information technology systems. Meeting the standard demonstrates TRIMEDX’s achievement of world-class safety and security management of information. TRIMEDX was recertified by third-party registrar British Standards Institution (BSI).

The ISO 27001 certification couples with TRIMEDX’s Service Organization Control (SOC) 2 Type 2 and ISO 13485:2016 certification (valid through Aug. 2024) to make up TRIMEDX’s Quality Management System covering MD QMS and Information Security Management System (ISMS) standards.

ISO 13485 outlines best practices in developing an effective MD QMS that covers the safety and quality of medical devices throughout their lifecycle. SOC 2 is a stringent, third-party industry standard among service organizations that handle client data and is designed to protect the safety and security of the data and its storage. Achieving this level of compliance requires a demonstrated ability to consistently monitor unusual system activity, activate security alerts in the event of security incident, produce detailed audit trails for root cause analysis and quickly take corrective action.

“We continue to make security and safety a top priority as we serve our clients,” says Doug Folsom, president of cybersecurity and chief technology officer. “The protection of client data and information, which ultimately impacts patient safety, differentiates us in what we do to provide clinical engineering services, clinical asset management, and medical device cybersecurity solutions.”

To learn more about TRIMEDX and its offerings, visit



TRIMEDX is an industry-leading, independent clinical asset management company in the United States delivering comprehensive clinical engineering services, clinical asset informatics, and medical device cybersecurity. We help healthcare providers transform their clinical assets into strategic tools, driving reductions in operational expenses, optimizing clinical asset capital spend, maximizing resources for patient care, and delivering improved safety and protection. TRIMEDX was built by providers, for providers, and leverages a history of expert clinical engineering with data on 92% of all active medical device models.


TRIMEDX Quality Management System

Contact Data