GoHealth Prioritizes Information Security to Retain ISO 27001 Certification

Posted by: Lauren Mandel on September 12, 2017

For the third year in a row, GoHealth is excited to announce that it has obtained ISO 27001 certification for its superior information security management system. ISO 27001 is a globally-recognized certification that verifies an organization’s commitment to the protection of assets and information governance.  The certification was performed by Schellman, an Accredited Certification Body based in the United States.

This externally-audited certification analyzes the business and demonstrates how the implementation of data security management processes helps keep information secure. As part of the recertification, GoHealth has recommitted to a continual program of review, validation, and improvement.

“GoHealth is committed to keeping our customers’ data and information safe and secure,” said Shane Cruz, Chief Technology Officer of GoHealth. “We’re proud to have achieved ISO 27001 for the third year in a row, and we will continue to prioritize information security for years to come.” 

Since GoHealth was founded in 2001, the company has prioritized information security and data protection within the architecture and governance of its platform, as well as throughout its business and support methodologies. Achieving ISO 27001 certification helps demonstrate the rigorous security measures taken to protect the information assets of all GoHealth customers.

About ISO/IEC 27001

ISO is an independent, non-governmental international organization with a membership of 163 national standards bodies. Through its members, it brings together experts to share knowledge and develop voluntary, consensus-based, market relevant International Standards that support innovation and provide solutions to global challenges.

The ISO/IEC 27000 family of standards helps organizations keep information assets secure. Using this family of standards helps organizations manage the security of financial information, intellectual property, employee details and information entrusted to them by third parties.  ISO/IEC 27001:2013 provides requirements for an information security management system, which is a systematic approach to managing sensitive information so that it remains secure, and covers people and processes as well as IT systems and applications.

Anthem Blue Cross Blue Shield CO

Anthem Blue Cross Blue Shield CT

Anthem Blue Cross Blue Shield IN

Anthem Blue Cross Blue Shield KY

Anthem Blue Cross Blue Shield ME

Anthem Blue Cross Blue Shield MO

Anthem Blue Cross Blue Shield NH

Anthem Blue Cross Blue Shield NV

Anthem Blue Cross Blue Shield OH

Anthem Blue Cross Blue Shield VA

Anthem Blue Cross Blue Shield WI

Blue Cross and Blue Shield of Kansas City

Blue Cross and Blue Shield of Minnesota

Blue Cross and Blue Shield of MT

Blue Cross Blue Shield of AZ

Blue Cross Blue Shield of GA

Blue Cross Blue Shield of IL

Blue Cross Blue Shield of LA

Blue Cross Blue Shield of MA

Blue Cross Blue Shield of MI

Blue Cross Blue Shield of NM

Blue Cross Blue Shield of TN

Blue Cross Blue Shield of TX

Blue Cross Blue Shield of WY

Blue Cross of CA

Blue Cross of ID

Blue Shield of CA

BlueCross BlueShield of SC

CareFirst BlueCross BlueShield

Empire Blue Cross Blue Shield

Highmark Blue Cross Blue Shield WV

Horizon Blue Cross Blue Shield of NJ

Independence Blue Cross

Premera Blue Cross Blue Shield of AK

Premera Blue Cross Blue Shield of WA

Regence BlueShield