X-on Health, provides primary care with an ‘Intelligent Care Navigation System’. This comprehensive suite of integrated tools is designed to streamline communications and optimise workflows, which in turn creates more time for care and improves patient access.
At the core of the system is Surgery Connect, an advanced telephony system that facilitates care navigation. This is complemented by Surgery Assist, an AI-powered digital assistant that filters out unnecessary calls, allowing patients to self-serve and navigate to the right care. For clinicians, Surgery Intellect, powered by TORTUS, acts as a medically certified scribe to save valuable time during appointments. Finally, Surgery Insights offers data dashboards that assist in prioritising, organising, and delivering care more efficiently, further improving patient access and streamlining operations.
Trust is built through transparency, rigorous compliance, and a commitment to patient safety. X-on Health regards safeguarding patient data as being of the utmost importance and is at the forefront of our services. This compliance and trust centre outlines how we protect data, manage clinical risk, and support safe, effective use across healthcare settings.
We are an accredited supplier:
Approved supplier to the NHS
Crown Commercial (Digital Support and Inclusion Framework)
UK Government’s Cyber Essential Plus Certification
Data Security and Protection Toolkit (X-on Health 8JM42, TORTUS AI O2G5U, Hanley Health J8B1T)
UK General Data Protection Regulation (GDPR)
Council of Registered Ethical Security Testers (CREST-Approved)
Digital Technology Assessment Criteria (DTAC)
The Digital Technology Assessment Criteria for health and social care (DTAC) gives staff, patients and citizens confidence that the digital health tools they use meet our clinical safety, data protection, technical security, interoperability and usability and accessibility standards
The DTAC is designed to be used by healthcare organisations to assess suppliers at the point of procurement or as part of a due diligence process, to make sure digital technologies meet our minimum baseline standards. For developers, it sets out what is expected for entry into the NHS and social care
X-on Health has undergone self-assessment and are DTAC ready. This ensures our solution meets the highest standards for:
- Clinical safety
- Data protection
- Technical assurance
- Interoperability
- Usability and accessibility
DCB0129 Documentation
X-on Heath products are compliant with DCB0129 and is a clinically safe solution for healthcare organisations to adopt and deploy.
In accordance with DCB0129 we fully comply with the standard and operate a clinical risk management system that enables us to demonstrate the safety of our digital health products.
Data Protection Impact Assessment (DPIA)
A Data Protection Impact Assessment (DPIA) is a process to help an organisation identify and minimise the data protection risks of a project/product, especially for processing that is likely to result in a high risk to individuals.
It is a formal process to ensure that personal data is handled safely, legally and with minimal risk.
Clinical Authority to Release (CATR)
Prior to delivery of the health IT system for go-live, the manufacturer will need to undertake a formal review of the clinical risk management activities conducted to ensure that the requirements for the clinical safety management system have been addressed.
Data Security and Protection Toolkit (DSPT)
The Data Security and Protection Toolkit (DSPT) is an online self-assessment tool used by organisations within the NHS and social care to demonstrate their adherence to data security standards. It helps organisations measure and demonstrate their performance against the National Data Guardian’s 10 data security standards.
We have achieved a DSPT status of ‘standards exceeded’ – (X-on Health: 8JM42, TORTUS: O2G5U)
Compliance/Accreditations
Certificates for the following are all available to view in our academy.
Cyber Essentials Plus:
X-on Health are delighted to announce they have been awarded the Cyber Essentials Plus certification, cementing our commitment to online security and protection for our customers
Cyber Essentials is a Government-backed and industry-supported scheme that helps businesses protect themselves against the growing threat of cyber-attacks. The certification is designed to provide a statement of the controls an organisation should have in place to mitigate the risk from common cyber threats.
ISO 9001
X-on Health was awarded its ISO9001 certification in 2007
ISO9001 is an internationally recognised standard for the provision of a quality management system to ensure customer satisfaction and continuous improvement.
ISO 27001
X-on Health has been granted the ISO 27001 certification since 2010. This is the only internationally recognised standard for an information security management system (ISMS)
Achieving and maintaining certification to ISO 27001 demonstrates that X-on Health has implemented security best practice that protects its users and their data in accordance with internationally recognised standards, and strive to continually improve.
ISO 22301
X-on Health has been awarded certification in ISO22301, an internationally recognised standard which defines business continuity management and overall risk management ad resilience in a business continuity framework.
ISO 14001
X-on Health has been awarded certification in ISO14001, an internationally recognised standard which defines the standard for environmental management systems.
ISO 42001
X-on Health has been awarded certification in ISO 42001, an international standard that specifies requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS) within organisations. It is designed for entities providing or utilising AI-based products or services, ensuring responsible development and use of AI systems
Achieving and maintaining certification to ISO 42001 demonstrates that X-on Health has implemented a structured way to manage risks and opportunities associated with AI, balancing innovation with governance.
ISO 42001
ISO 14001
DCB Compliant
Practice Index Approved
CCS Supplier
Cyber Essentials Plus
ISO 22301
ISO 27001
ISO 9001
