As scientific collaboration becomes increasingly digital and globally interconnected, amid rising cybersecurity threats and evolving AI-driven risks, biopharmaceutical companies are demanding more robust data protection protocols from outsourcing partners.
Symeres has been awarded ISO/IEC 27001 certification, the internationally recognised standard for information security management systems (ISMS). This certification reinforces the company’s proactive commitment to safeguarding sensitive client data across its global operations.
“Cybersecurity is no longer a back-office issue; it is central to the success of every client program,” said Gabriella Gentile, Chief Operating Officer at Symeres. “Our ISO 27001 certification gives clients, from biotech startups to large pharmaceutical companies, the assurance that their proprietary data, often the ‘crown jewels’ of development, is protected within a robust and continuously improving security framework.”
Gabriella Gentile
While Symeres has long operated with strong internal protocols, the decision to pursue formal certification arose from a rising volume of security questionnaires from clients, financial institutions, and regulators.
For many large pharmaceutical companies, information security assessments are now a standard part of onboarding. ISO 27001 certification allows Symeres to address the majority of these requirements upfront, significantly streamlining due diligence processes. By reducing administrative friction, project teams can focus more quickly on what matters most: advancing client programs and delivering scientific impact.
“This journey began two years ago as part of our continuous improvement culture,” added Mark Verhaar, Project Manager at Symeres. “We identified our highest information risk areas, developed risk-based policies, and created a formal, auditable system for managing access, backups, and incident response. It’s not just about compliance, it’s about building a culture of vigilance and continuous improvement, ensuring that our security practices evolve alongside the scientific and digital complexity of our clients’ programs.”
Symeres is well-positioned to support the needs of both established pharmaceutical clients and smaller biotechs that may rely on its expertise to navigate complex data governance now that ISO 2700 is in place. The certification also supports broader industry compliance efforts, including the EU’s NIS2 Directive, which identifies healthcare organizations as vital operators.
Key elements of Symeres’s information security framework include:
- Formalised, audited policies for data access, backup, and breach response
- Continuous employee awareness programs to mitigate human error
- Controlled information sharing protocols with third-party partners and clients
- Ongoing internal audits and yearly external surveillance to maintain certification
The company is progressing with the rollout of ISO 27001 certification across its sites globally, with completion targeted before the end of the year. This phased implementation ensures consistent standards across the Group while maintaining operational continuity.
As cyber threats grow more sophisticated, maintaining high security standards will remain a priority. Guillaume Jetten, Chief Executive Officer at Symeres, commented: “In today’s environment, ISO 27001 is a non-negotiable foundation for doing business with large pharmaceutical companies and innovative biotechs. Achieving this certification cements Symeres’ status as a leading global CDMOs operating with full transparency and accountability.”
No comments:
Post a Comment