Security and Compliance
🔐 Access Control
Access to systems and data is restricted using role-based permissions, ensuring users can only access information necessary for their role. Secure authentication controls protect against unauthorised access.
📦 Data Protection
We apply appropriate technical measures to protect data, including secure storage and protection at rest and in transit. Controls are designed to safeguard personal and sensitive information.
🧭 Governance & Risk
We maintain documented information governance and security policies, supported by regular risk assessments and management oversight to ensure ongoing compliance and continual improvement.
🧑🏫 Staff Training
All staff receive data protection and information security training to ensure responsibilities are understood and security best practices are followed across the organisation.
🚨 Incident Response
Defined procedures are in place for identifying, managing, and responding to information security incidents. Incidents are assessed promptly and handled in line with legal and contractual obligations.
📊 Audit & Oversight
We monitor systems and processes to support security, accountability, and compliance, with reporting mechanisms in place to provide appropriate oversight and assurance.
Your Data
To request access to your personal data, request erasure (account deletion), or exercise your right to object to processing, please email data@mysoftwaregroup.co.uk and a member of the team will assist you with your request.
Where necessary, we may ask for reasonable proof of identity to ensure that personal data is not disclosed to the wrong individual. Any verification information requested will be limited to what is necessary and will only be used for the purpose of confirming your identity.
If you request account deletion, please note that once deletion has been completed, the data cannot be recovered. In some cases, we may be required to retain certain information to comply with legal or contractual obligations, such as accounting or regulatory requirements.
DSPT Standards Met
We have met the NHS Data Security and Protection Toolkit standards, demonstrating our commitment to secure handling of healthcare data.
