Press Release
Methinks AI achieves ISO 27001 and strengthens its security ecosystem for clinical data
The digital health technology company adds the world’s most rigorous information security standard to itsstack, certified by EQA.
Barcelona, Spain – 20th April 2026 — Medical data occupies a singular position within the information security landscape. The sensitivity it carries, spanning legal, ethical and clinical dimensions, demands the highest standards of protection. That’s why MethinksAI has just taken another step forward: the company has earned UNE – EN ISO/IEC27001:2023 certification, the most demanding international standard for information security management, issued by EQA (European Quality Assurance). This milestone consolidates the company’s commitment to protecting clinical data and ensuring operational continuity in highly regulated environments.
ISO 27001 is a comprehensive and rigorous security standard. It audits everything from system architecture to internal team processes, including incident management, traceability, and access controls. Achieving it means that every layer of the Methinks AI platform — from cloud infrastructure to product development — meets the strictest controls available today.
With this new certification, Methinks AI completes a robust security ecosystem: alongside its ENS (Esquema Nacional de Seguridad) certification, the company operates in full compliance with GDPR and HIPAA, shaping a comprehensive framework that safeguards medical data and supports safe operations inside hospitals and healthcare institutions.
”Every hospital we connect to expects the highest level of guarantees. This certification allows us to scale the product while meeting rigorous security standards", said Pablo Cañas, VP of Technology, Methinks AI.
The timing matters. Artificial intelligence in medicine is growing at unprecedented speed, and with it, the security requirements from hospitals, insurers and public bodies. This milestone positions Methinks AI as a trusted technology partner for any healthcare organisation that wants to put AI to work without lowering the bar on data protection.
“After months of working hand-in-hand with ENS and ISO 27001 frameworks, achieving both certifications is a statement: at Methinks, security and trust are built in from day one", said Anna Jordà, Senior QA/RA Specialist, Methinks AI.
About the certification
Methinks AI holds an information security management system certified in accordance with ISO 27001 by EQA. The certified scope covers the activities, systems and locations that have successfully completed the audit process in accordance with the requirements of this standard.
Controller / METHINKS SOFTWARE S.L. (METHINKS)
Purpose / Subscribing to the Newsletter.
Legal Bases / Express consent.
Storage Period / The data will be kept for the time necessary to fulfill the purposes collected, as well as for the fulfillment of legal obligations.
Rights / You have the right to request from us access, rectification or erasure of your personal data, the right to restrict processing and object to processing at dpo@methinks.ai.
Additional Information / Additional and detailed information on Data Protection can be found in the attached clauses in Privacy Policy.
Responsable / METHINKS SOFTWARE S.L. (METHINKS)
Finalidad / Contactar con el usuario.
Base Legal/ Consentimiento expreso.
Periodo de Conservación / Los datos serán conservados durante el tiempo necesario para cumplir con la finalidad de la recogida, así como para cumplir con las obligaciones legales.
Derechos / Tienes derecho a solicitarnos el acceso, rectificación o supresión de tus datos personales, el derecho a restringir el tratamiento y a retirar el consentimiento en dpo@methinks.ai.
Información Adicional / La información adicional y detallada sobre protección de datos puede encontrarse en Política de Privacidad.