Reading time ( words)
ASUS, a multinational company known for the world’s most innovative motherboards, laptops, monitors, and other PC hardware, announced that cloud-based medical AI services developed by ASUS Intelligent Cloud Services Center (AICS) — the AI software division of ASUS — has successfully passed an external audit conducted by SGS Taiwan and obtained the ISO 27001:2013 certification for information security management. Additionally, the division has passed the Health Insurance Portability and Accountability Act (HIPAA) compliance assessment conducted by KPMG.
Dr. Tai-Yi Huang, ASUS Corporate Vice President and Head of AICS, stated that “ASUS is prioritizing the protection of real-world medical data with the most stringent global standards and partnering with our clients to tackle ever-evolving cybersecurity risks and threats, while continuing to advance the digital transformation of the healthcare ecosystem with AI technology. These achievements demonstrate the strong commitment by ASUS to implement cybersecurity practices that ensure data safety and integrity while adhering to global regulatory standards for healthcare data privacy.”
Empowering the healthcare industry with AI-powered software innovations
The suite of AI-powered medical software services developed by AICS includes an EMR search application, a clinical decision support service platform, a drug safety service, and Miraico, an ICD-10 AI coding assistant powered by cutting-edge Natural Language Understanding (NLU) technology. Miraico can intelligently understand and automatically recommend ICD-10 codes by analyzing free-text medical records. Its user-friendly design integrates seamlessly with existing workflows, thereby improving coding efficiency and optimizing hospital reimbursements. These AI services empower healthcare professionals and medical institutions to make data-driven decisions, improve quality of patient care, and increase overall operational efficiency.
The Information Security Management System (ISMS) implemented by AICS and the ASUS Information Security Committee aims to strengthen mechanisms such as risk assessment, the secure software development life cycle (SSDLC), outsourcing management, and cybersecurity crisis management. The scope of the ASUS ISO 27001 certification includes the provision of SaaS-relevant information-security-management activities via AICS, including development, maintenance and management of application systems, data protection, network communications and physical security. The certified ISMS can effectively prevent incidents like malware infections, data leaks and service interruptions, and it represents the continued commitment by ASUS to ensure information security and sustainable corporate operation.
The HIPAA-compliant AICS medical AI services ensure that any electronic protected health information (ePHI) collected, transmitted, stored, or analyzed cannot be accessed, disclosed, modified or destroyed without authorization. Examples of ePHI include, but are not limited to, pathological tests, medical images, electronic medical records (EMR), anonymized statistical data, and personnel data and system information from hospitals. The confidentiality, integrity, and availability of healthcare data are safeguarded with the highest standards, and only authorized transmission and access are permitted.