It covers the academic education, training and treatment activities and administrative activities of our hospital and the information assets related to these activities, and the relevant business processes within the scope of information security carried out to protect these assets.

Our Information Security Management System guarantees that our activities within its scope are carried out in accordance with the ISO 27001:2013 standard.

ISO 27001:2013 Information Security Management System Policy;

• Provide secure access to its own and its stakeholders' information assets,
• Protect the availability, integrity and confidentiality of information,
• To assess and manage the risks that may occur on the information assets of itself and its stakeholders,
• Protect the credibility and reputation of the organization,
• To apply the sanctions deemed necessary in case of breach of information security,
• To ensure the information security requirements arising from national and international regulations, fulfilling the requirements of legal and relevant legislation, meeting the obligations arising from agreements, and corporate responsibilities towards internal and external stakeholders,
• To reduce the impact of information security threats on business / service continuity, to ensure business continuity and sustainability,
• It undertakes to maintain and improve the level of information security with the established control infrastructure.
  
  

General Directorate