Theragen Bio has renewed the international standard information protection certification ‘ISO 27001’ and personal information protection certification ‘ISO 27701’ for three consecutive years. ISO/IEC 27001 and ISO/IEC 27701, established by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), are the most authoritative international standard certifications in the field of information security.
International standard information security certification (ISO27001) and personal information protection certification (ISO27701) are the most authoritative certifications in the information protection field. To obtain certification, high-level guidelines are required by the European Union (EU) General Data Protection Regulation (GDPR). Accordingly, standards such as ▲information protection policy ▲physical security ▲access control ▲legal compliance must be passed through a strict screening process.
Theragen Bio was the first genome company to obtain information security certification (ISO27001) and personal information protection certification (ISO27701) in September 2020. So far, genome analysis companies have mainly obtained ISO27001 certification to protect personal information contained in genome information, but Theragen Bio has been certified for both personal information and general information security and complies with the European General Data Protection Regulation (GDPR) and the Australian Information Protection Regulations ( We are also actively responding to information regulations encountered in overseas genome analysis projects such as CPS2334).
Taesoon Hwang, CEO of Theragen Bio, said, “In the genome field, the ability to analyze, utilize, and manage data is key, and by obtaining this certification, we have proven our excellence in data management and personal information protection as a global genome analysis service company.” “We are making proactive preparations to obtain certification according to ISO/IEC 27002 (2022 Information Security Control Guidelines) in line with security standards.”
Meanwhile, information security certification (ISO27001) can only be certified by satisfying all 114 management standards in 14 areas, including the company’s information protection policy/organization, asset management, and access control. It must be verified whether the company systematically establishes and documents processes to protect the confidentiality, integrity, and availability of information assets, and continuously operates and manages them. Personal information protection certification (ISO 27701) is an extension of ISO27001, and is known to require all 49 management standards to be satisfied in 8 areas, including the company’s personal information management procedures, de-identification, and guaranteeing the rights of information subjects.
Source: Pangyo Techno Valley Official Newsroom
→ Go to ‘Asian Innovation Hub Pangyo Techno Valley 2022’ news