As of 20 May 2025, the Clínica Girona you have obtained the Certificate of conformity with the’National Security Scheme (ENS), which accredits it as an entity that meets the requirements for information protection and security. The certification has been awarded by the’Catalan Cybersecurity Agency after undergoing an audit procedure.
With obtaining the certificate, the Clínica Girona formally declares that it complies with what is established in the Conformity Assessment of Essential Requirements Profile, which includes security measures, both technological and organisational. The objective of the PCE-RES is to protect information and the services provided, for which it is necessary to adopt security measures, including regulations, system configuration, audits, incident management, and training programmes.
This success is the result of the commitment of the Clínica Girona with security, information protection, and regulatory compliance.
What is the National Security Scheme (ENS)?
The’National Security Scheme (ENS), This is a regulation, governed by Royal Decree 311/2022, of 3 May, which is mandatory and establishes the basic principles and minimum requirements necessary to ensure adequate protection of information processed by public administrations and private companies. This legal framework is essential to guarantee trust in electronic services and to protect the privacy and data of patients.
Compliments of the house
The certification achieved confirms that Clínica Girona's IT system complies with rigorous standards in key areas such as:
- AuthenticityVerify the identity of the users and systems involved.
- IntegrityTo ensure information is not altered without authorisation.
- AvailabilityEnsure the continued operational capability of the system to fulfil the organisation's essential functions.
- ConfidentialityProtecting sensitive data from unauthorised access.
