IPSWICH, Mass. — March 11, 2021 — In keeping with the company's ongoing focus on information security and customer data protections, EBSCO Information Services (EBSCO) announces ISO (International Standards Organization) 27001 compliancy and certification is now associated with the majority of EBSCO proprietary products and services. ISO 27001 is a standard that represents best practices for information security controls. Continued efforts in this area demonstrates EBSCO's commitment in ensuring the security and privacy of customer and end-user data.
While privacy regulations and vendor obligations differ fundamentally from security needs and goals, EBSCO takes a holistic approach to safeguarding security and customer data protections. By continuing to examine security risks, evaluate processes and implement security controls, the company ensures information security on an ongoing basis. These efforts ensure customers can enjoy peace of mind and have complete trust when leveraging EBSCO's products and services for a better research experience.
ISO 27001 certification is attained through a rigorous audit and assessment by an independent third party of company processes and the security of its products and services. EBSCO products and services that are now included in the ISO 27001 certificate are as follows:
- Configuration and Authentication Services (EBSCOadmin)
- Library Website Creation Services (Stacks)
- Library Management Systems (FOLIO)
- GOBI Library Solutions from EBSCO
- Discovery and Research Database Services (EBSCO Discovery Service, EBSCOhost, EBSCOhost Mobile, EBSCO Discovery Service API)
- Journals & e-Package Services (Global Knowledgebase, EBSCO Knowledgebase)
- Holdings Linking Services (Holdings Manager, Full Text Finder, Publication Finder, HoldingsIQ, LinkIQ)
- Electronic Resources Management (Flipster, EBSCO eBooks, EBSCO Audiobooks, EBSCOhost Collection Manager)
- eLearning Resources (EBSCO LearningExpress )
- Health Knowledge Products (CINAHL, DynaMed, Dynamic Health)
- Clinical Decision Support Services (DynaMed Shared Decisions)
EBSCO Information Services' Vice President of Information Security, Privacy and Governance, Scott Macdonald says that when it comes to ISO 27001, it is a misconception that a company is either compliant, or it is not. "It's really more specific than whether a company has met the criteria for compliance or is noncompliant. ISO compliance lays out a specific set of approaches and requirements to examine risks and implement security controls for each product. The EBSCO ISO 27001 certification covers services, as well as specific EBSCO products to which certification applies."
Ongoing compliance efforts build on EBSCO's existing investments in privacy, security and operational processes and its focus on implementing policies and standards in different areas overall. These efforts include GDPR (General Data Protection Regulation), COPPA (Children's Online Privacy Protection Act) and FERPA (Family Educational Rights and Privacy Act). EBSCO has also partnered with Guidelines International Network (GIN) and supports Google's Campus Activated Subscriber Access (CASA).
For more information on EBSCO's ongoing efforts on information security and customer data protections, please visit: https://www.ebsco.com/about/ebsco-commitment.
EBSCO's ISO 27001 certification can be found here: https://www.ebsco.com/sites/g/files/nabnos191/files/acquiadam-assets/EBSCO-ISO-27001-Certificate-of-Registration.pdf.
About EBSCO Information Services
EBSCO Information Services (EBSCO) is the preeminent provider of online research content and search technologies serving academic, school and public libraries; healthcare and medical institutions; corporations; and government agencies around the world. From research, acquisition management, subscription services and discovery to clinical decision support and patient care, learning, and research and development, EBSCO provides institutions with access to content and resources to serve the information and workflow needs of their users and organizations. EBSCO Information Services is a division of EBSCO Industries, Inc., a family-owned company since 1944. For more information, visit the EBSCO website at: www.ebsco.com.