Surgery Connect complies with NHS information governance protocols, securely storing encrypted call recordings and messages.
- Data access is restricted to authorised users with strong password controls.
- All data is permanently deleted in line with data retention strategies, and is securely held in UK data centres managed by X-on.
- X-on maintains accreditations with:
- ISO 9001 (Quality Management of Systems requirements)
- ISO 27001 (information security standards)
- ICO (Data Protection Act compliance)
- DSP Toolkit (NHS data security standards)
- Being a Crown Commercial Service Supplier
- Being a PCI-DSS (credit card security) Level 1 Provider