Security Centre

Pulse Health App uses a ‘Data Protection by Design and Default’ approach. Our clinical and non-clinical backgrounds allow us to understand the needs and wants of users, organisations, public bodies, and the NHS and Social Care sector through Pulse Health App.

We understand that medical information can be more valuable than financial data. This is why Pulse Health App is built on principles of robust security and encryption. We are committed to maintaining a secure platform to enable our NHS and Social Care workers to deliver world-class healthcare.

  • SCW
  • NHS Apps Library
  • General Data Protection Regulation
  • Information Commissioner’s Office
  • NHS DSP Toolkit & Information Governance
  • IASME Consortium
  • Cyber Essential
  • ISO-27001 Certified Data Centre

End-to-End Encryption

Communication exchanged on Pulse Health App is fully end-to-end encrypted. This means that only you and the person you are communicating with can read the messages. Pulse Health App is unable to see the messages exchanged between users.

User Verification

We utilise NHSmail’s Single Sign On mechanism for NHS.net emails. We also provide federated access to NHS emails for those who are not using NHS.net, such as NHS.uk. For federated domains, we use two-factor authentication to confirm that you are who you say you are.

Secure Image / Video / File Transfer

Images, videos and files are encrypted both in transit and in rest. Images/videos taken or sent through the application do not sync with the device’s camera roll. This means images will not sync with the cloud (Apple iCloud, Google Drive, etc).

ISO27001 Certified Servers

Data is stored securely in our London(UK)-based Amazon Web Services (AWS) server. These servers meet ISO 27001 certification, ensuring your data is kept safe and backed up at all times.

Pin Code Access

Pulse Health App has created additional security layers and operates a 15-minute lockout after a period of inactivity. Users are required to create a 4-digit pin code that is required to be entered after the inactivity period.

Biometric Access

As an alternative to the pin code, we allow biometric access via your device’s built-in fingerprint functionality. We currently do not support face ID.

Automatic Message Deletion

Messages are automatically deleted after 30 days. Should you require an export of the chat for attachment to patient notes, you can securely export your chat using the three dots in the corner of your chat screen.

Remote Wipe

Should you lose your device or believe somebody has access to your account, you should contact us immediately so we can remote wipe your data. We would advise you to change passwords either through the NHSmail portal or directly with us if you are using federated access.

Report a Data Breach

Contact pulse.health@nhs.net immediately, preferably via email. Provide as much detail as possible, including time, type, who and by what means. Also upload any associated documents you may have. There is no need to worry, as this will not affect you and you won’t be judged, even if it is an oversight on your part. We just need to follow procedures and learn from the error, both alike, to prevent further breaches.

Close Bitnami banner
Bitnami