Data Security & Information Governance

Both our mail production centres are ISO 9001, ISO27001 and PACS information standard accredited. Crucially, they both have live, direct NHS N3 network Connectivity and therefore are audited by NHS Connecting For Health for network and data security. We regularly sign and agree bespoke data sharing agreements with our NHS Clients.

All printing is carried out in a secure environment fitted with access control and monitored by security cameras in compliance with ISO 27001 Security Information Standards. Each individual job (print file) is processed according to the production devices set for the job within our production control system NHS Data Care

Data Care records which individual operator carries out work on the job at each production stage along with a date and time stamp.  This is achieved by the member of staff (with the correct permissions) scanning the barcode on the specific job and also on their individual access control badge (worn at all time as per APACS requirements).

ISO 27001, titled “Information Security Management – Specification with Guidance for Use”, is a specification for the management of Information Security.  It addresses the security of information in whatever form it is held, from printed or electronically stored, to that transmitted by post or email.  Whatever form the information takes, or means by which it is shared or stored, ISO 27001 helps an organisation ensure it is always appropriately protected, in terms of:

confidentiality – ensuring that access to information is appropriately authorised

integrity – safeguarding the accuracy and completeness of information and processing methods

availability – ensuring that authorised users have access to information when they need it