Pulse Health App uses a ‘Data Protection by Design and Default’ approach. Our clinical and non-clinical backgrounds allow us to understand the needs and wants of users, organisations, public bodies, and the NHS and Social Care sector through Pulse Health App.
We understand that medical information can be more valuable than financial data. This is why Pulse Health App is built on principles of robust security and encryption. We are committed to maintaining a secure platform to enable our NHS and Social Care workers to deliver world-class healthcare.
Communication exchanged on Pulse Health App is fully end-to-end encrypted. This means that only you and the person you are communicating with can read the messages. Pulse Health App is unable to see the messages exchanged between users.
We utilise NHSmail’s Single Sign On mechanism for NHS.net emails. We also provide federated access to NHS emails for those who are not using NHS.net, such as NHS.uk. For federated domains, we use two-factor authentication to confirm that you are who you say you are.
Secure Image / Video / File Transfer
Images, videos and files are encrypted both in transit and in rest. Images/videos taken or sent through the application do not sync with the device’s camera roll. This means images will not sync with the cloud (Apple iCloud, Google Drive, etc).
ISO27001 Certified Servers
Data is stored securely in our London(UK)-based Amazon Web Services (AWS) server. These servers meet ISO 27001 certification, ensuring your data is kept safe and backed up at all times.
Pin Code Access
Pulse Health App has created additional security layers and operates a 15-minute lockout after a period of inactivity. Users are required to create a 4-digit pin code that is required to be entered after the inactivity period.
As an alternative to the pin code, we allow biometric access via your device’s built-in fingerprint functionality. We currently do not support face ID.
Private NHS Communites
A closed secure, end to end encrypted, private forum designed for open internal discussions within the NHS. Secure access grants permission to only those who should have permission, reducing the risk of misinformation and disinformation, creating a professional NHS community.
Should you lose your device or believe somebody has access to your account, you should contact us immediately so we can remote wipe your data. We would advise you to change passwords either through the NHSmail portal or directly with us if you are using federated access.
Report a Data Breach
Contact firstname.lastname@example.org immediately, preferably via email. Provide as much detail as possible, including time, type, who and by what means. Also upload any associated documents you may have. There is no need to worry, as this will not affect you and you won’t be judged, even if it is an oversight on your part. We just need to follow procedures and learn from the error, both alike, to prevent further breaches.