Cimas Health Group CEO Vuli Ndlovu
BY MUNYARADZI BLESSING DOMA
Cimas Health Group recently transitioned to ZWS ISO/IEC 27001:2022 certification, a globally recognised Information Security Management System standard that reaffirms their commitment to safeguarding the security and confidentiality of their members’ and clients’ information.
This latest certification, which strengthens their longstanding commitment to protecting information, marks a major advancement from the previous ISO/IEC 27001:2013 standard which they attained as part of their digital transformation journey and in the process becoming the first medical services provider in Zimbabwe to accomplish such a milestone.
Cimas Health Group’s Chief Executive Officer Vuli Ndlovu said confidentiality, integrity, and operational excellence are central to how Cimas Health Group operates.
He noted that the new ISO/IEC 27001:2022 certification reflects Cimas Health Group’s alignment with internationally recognised standards and demonstrates the Group’s dedication to robust information security management.
“To achieve the updated certification, we continued to implement significant upgrades to our information technology infrastructure and enhanced various security processes, including staff training, risk assessments, and governance frameworks.
“These improvements were thoroughly reviewed and verified through a rigorous audit conducted by the Standards Association of Zimbabwe at our Head Office located at Borrowdale Office Park, Harare,” said Ndlovu.
He added that the new ISO/IEC 27001:2022 certification confirms that Cimas Health Group operates a world-class Information Security Management System designed to protect the security, integrity, and confidentiality of members’ and clients’ information.
“As we continue to follow international best practices to minimise cybersecurity risks, we have established comprehensive cyber-incident detection, response, and management processes to effectively monitor and address potential threats.
“Our Information Security Management System (ISMS) not only governs how we manage and protect technology-related information but also guides how our people and internal processes securely handle members’ and patients’ data.”
Ndlovu said the new certification provides reassurance to all their members, partners, and stakeholders that their sensitive information is handled and protected in line with globally recognised information security standards.
“We value the private, confidential, and privileged information entrusted to us, and we have implemented rigorous control measures to ensure it remains fully protected,” added Ndlovu.
