All anonymous patient data transferred to Sensyne Health is stored and processed within ISO 27001 certified secure data center environments.
Network access to such networks is restricted via strict Firewall rules, NACLs (Network Access Control Lists), VPN connection and Bastion jump boxes. All Sensyne Health IT environments have multiple network access controls in place. Access to de-identified and anonymised patient data is managed centrally by our IT Team and governed by our ISO certified QMS (quality management system) and IG (information governance) process. All network activity and network traffic flow within secure environments is monitored and controlled. Specific workstations within Life Sciences have controlled access to such data.
Sensyne Health uses Microsoft Azure for its cloud storage and processing environment, which offers greater flexibility, ease of data sharing and transfers, greater resiliency, and a continued robust security infrastructure.
All data will be de-identified and anonymised and include only the minimum required amount of data necessary. Sensyne will be contractually required to access and analyse data within the highest standards of responsibility and obligation as per the contractual arrangements within the SRA and DPA.
The Azure environment offers improved speed-to-care, provision of cleansed and standardised datasets to improve clinical decision making for patient pathways. This model also offers:
- End-to-end encryption providing a flexible and hyper-secure environment that can scale with Trust data and computation requirements to drive continuous innovation for Clinical Care
- Creation of a JITD (Just in Time Data) Model that aligns with your clinical workflows to continuously drive efficient and improved standards of care
- Ability to leverage a common data model aligned to OMOP and the common healthcare ontology
- Enhance Trust R&D capabilities and catalyse Patient Care and Innovation
- Automate and secure data sharing with Azure Data Share to control what you share, gain visibility into your data sharing agreements aligned to an agreed term of use
- Common Data Model with improved standardisation promoting flexible analysis and intelligence delivery of own Trust data
In addition to the ISO, Data Protection and NHS Digital Data Protection and Security standards that Sensyne aligns to, Microsoft Azure is compliant with the following UK and global standards:
- ISO: 20000-1:2011 | 22301 | 27001: 2013 | 27017 | 27018 | 27701 | 9001 | 13485
- Cyber Essentials Plus
- FACT (Federation Against Copyright Theft)
- CIS Benchmark
- CSA-STAR Attestation / Certification / Self-Assessment
- PCI DSS
- PCI DSS
- Shared Assessments
Sensyne’s robust Cyber Security framework, MFA (Multi-factor authentication), conditional access controls and Data Loss Prevention methodologies ensure not only that only permitted employees have access to Healthcare organisation data within the Azure environment but also access is restricted to trusted devices and locations. Sensyne Health is able to ensure service provision continuity and complete end-to-end security and protection built on the robustness and security principles of Microsoft Azure. The advanced infrastructure and security capabilities of Microsoft Azure enable greater flexibility and scalability of services whilst providing cutting edge security capabilities.