Information Governance and Security

Committed to delivering a high standard of data security

Person Centred Software help ensure personal records and sensitive information are kept secure and protected on a robust platform – data security and information governance are taken very seriously, using a number of measures to keep everything secure: 

  • The Digital Care System is on a fully cloud-based platform supplied by Microsoft Azure. One of the benefits is that Person Centred Software can take advantage of Microsoft's Scale and Engineering resources to maintain servers and capability at scale.

  • Person Centred Software uses encryption over TLS 1.2/1.3 with strong ciphers, and data at rest is encrypted through 256-bit AES encryption with encryption keys rotated regularly.
  • All backup data is encrypted in transit, and at rest, access to the backup storage is authenticated through a 704bit access key.
  • The Microsoft Azure platform is certified for processing and storing health and personal data by the NHS and UK Government.
  • The Azure data centres are tier 4, designed to be completely 'fault-tolerant' with redundancy for every component, an expected up time of 99.995% and accredited to the following standards: ISO27001, ISO27017, ISO27018, SOC1, SOC2, SOC3, CSA Star.
  • Cyber Essentials Plus is utilised to ensure Person Centred Software has appropriate cyber security measures in place. Cyber Essentials Plus means an independent Certification Body has verified the measures in place.

  • Person Centred Software has a robust governance framework for handling, processing, and storing highly sensitive data. We are ISO27001 accredited, ensuring information security controls, processes, and procedures are in place to keep data safe.

  • Person Centred Software is NHS DSPT certified as Standards Exceeded, verifying that we use the NHS's Data Security and Protection Toolkit (DSPT). This ensures we handle personal patient information correctly and demonstrates that good data security measures are in place.

  • The solution is regularly pen tested by a CREST-certified 3rd party to enable us to keep to the highest security standard.
  • NHS standards for data protection and security.  
Best security credentials in the market

Our Joined Up Care initiatives

PCS GP Connect

GP Connect

PCS eRed bag


PCS Reporting-1

Personal Demographics Service (PDS)

PCS Oversight of information

National Record Locator (NRL)


Professional Record Standards Body (PRSB)

PCS Secuirty

Information Governance and Security