Medullan Attains ISO 27001 Certification


BOSTON, April 27, 2017 /PRNewswire/ — Medullan, a digital health firm that designs and builds powerful solutions that achieve high rates of adoption in the payer, life sciences and pharmaceutical industries, announced today that it is an ISO/IEC 27001:2013 certified provider whose Information Security Management System (ISMS) has received third-party accreditation from the International Organization for Standardization (ISO). This scope of accreditation covers all Medullan’s offices and the full scope of its offerings – digital health consulting, development services, and platform software solutions.

Compliance with this internationally recognized standard confirms that Medullan’s security management program is comprehensive and follows leading practices. This ISO certification ensures a systematic approach to managing sensitive company, client, and individual information and related IT assets, while also helping ensure compliance with privacy laws and regulations around the world. This is intended in part to provide more assurance to clients in both the US (namely pertaining to HIPAA) and the European Union (as well as its member states, such as Germany and France).

“Obtaining ISO/IEC 27001:2013 certification is a clear indication to our customers and prospects that Medullan continues to commit to the highest level of information security,” said Founder and CEO Ahmed Albaiti. “Medullan’s information security management system ensures we’re preserving privacy and confidentiality, and that we’re constantly working to improve information security controls.”

ISO/IEC 27001:2013 is an information security management system standard published in October 2013 by the International Organization for Standardization and the International Electrotechnical Commission.

A-lign, an independent, third-party auditor, found Medullan to have technical controls in place and formalized IT Security policies and procedures. A-lign is an ISO / IEC 27001 certification body accredited by the ANSI-ASQ National Accreditation Board to perform ISMS 27001 certifications. Medullan has implemented security measures and countermeasures that protect it from unauthorized access or compromise, and IT personnel were found to be conscientious and knowledgeable in best practices.

In addition to its ISO/IEC 27001:2013 certification, Medullan also is also working to complete HITRUST certification.

About Medullan

Medullan, Inc. is a leading digital health firm that designs and builds outcomes-driven solutions that have direct and measurable impact in the healthcare industry. Fueled by a passion for health, a desire to positively challenge the healthcare paradigm, and a culture of accountability – Medullan works with payer, life sciences and pharmaceutical clients to build solutions that create measurable business value and positive impact in the lives of their customers. Medullan was founded in 2005 and is based in Cambridge, MA. 

PR Contact: Theresa Masnik, SHIFT Communications,, 617-779-1871

ISO Certified2.png

Contact Us

We’re Here To Help

Whether you’re ready to talk to someone right now or just want general information

Global HQ

240 Elm St., 2nd Floor Somerville, MA 02144