Information Security Policy
Areneco provide SaaS products to the Medical Device Sector. Areneco’s first and core product is an eIFU management solution called Stratus that allows Medical Device Manufacturers to upload and manage eIFUs and provide them online to their End Users. The solution ensures compliance with all regulations and reduces both cost and risk in line with customer requirements. Areneco ensure best in class solutions through the continuous improvement of its certified information security management system, the setting and achievement of objectives and the reduction of risk at all times. Areneco are committed to ensuring the confidentiality, integrity and availability of all customer data at all times.
Supplier Security Policy
Areneco attaches particular importance to the security of its own, its Employee’s and its Customer’s data. It is therefore vital that existing and potential new suppliers to Areneco have appropriate security controls to ensure the confidentiality, integrity and appropriate availability of such data is not compromised and these controls are in maintained in accordance with Areneco security policies.
The reference standard for Areneco security policies is ISO27001 and the suppliers shall comply with the principles of that standard at all times.
At a minimum; Suppliers agree to:
- Maintain the confidentiality of any information shared with the supplier by Areneco
- Not to distribute any information to a third party without prior expressed permission from a senior member of management in Areneco
- Allow Areneco, when deemed necessary, to audit their facilities, systems and processes specific to services provided to Areneco
- Ensure that their employees are aware of the nature of the supplier relationship with Areneco and ensure that they are in compliance with the information security requirements at all times