Information Security Policy

Information Security Policy

Information security is possible by ensuring the confidentiality, integrity, and availability of information assets.

Of Information:

Confidentiality requirement means that information is accessible only by authorized persons.

Integrity requirement means ensuring the completeness and accuracy of information assets and protecting them from unauthorized changes.

Availability requirement refers to the usability of information assets by authorized users whenever they are needed.

Scope This policy covers all units using the Clinic’s Information Technology (IT) infrastructure, third-party users accessing information systems, and service, software, or hardware providers providing technical support to information systems.

Responsibilities Accordingly, everyone using the Clinic’s IT infrastructure and accessing information resources must:

Ensure the confidentiality of clinic-owned information in personal and electronic communications and in information exchanges with third parties.

Back up the information they process according to criticality levels and take determined security measures.

Report and notify information security breach incidents and take measures to prevent these breaches.

Prohibitions and Compliance

Internal clinic information resources (announcements, documents, etc.) cannot be transmitted to third parties without authorization.

Clinic information technology resources cannot be used for activities contrary to the laws of the Republic of Türkiye and their associated regulations.

All employees of the institution are obligated to comply with this policy, its procedures, and instructions.

Governance and Commitment Pişiren Oral and Dental Health Services Clinic establishes regulatory principles for its own corporate operations to ensure information security. The determination of the Information Security Policy, the definition of security roles, and the execution of all relevant updates are carried out with the support of the Board of Directors. Pişiren Oral and Dental Health Services Clinic may consult internal and external experts when necessary.

Pişiren Oral and Dental Health Services Clinic commits to protecting all information assets within its developed health applications and systems, working in compliance with legislation, contracts, and international standards within the framework of information security, managing risks in the information security management system, conducting corrective and remedial activities, and establishing a sustainable system in accordance with its purpose of establishment. In case of non-compliance with information security policies, procedures, and instructions, judicial and administrative legal proceedings will be initiated against those involved.