1. Architecture
- No patient data, by design. All national performance analytics derive from aggregate open data already published by national bodies. There is nothing patient-identifiable to breach, and organisation uploads are restricted to aggregate figures.
- Hosted on Cloudflare's platform (Workers and the D1 database) with CDN and DDoS protection, served from a global edge network with UK/EU locations where available.
- Customer data is scoped per organisation and access-controlled per account.
2. Encryption
- All traffic is encrypted in transit with TLS 1.2 or higher; HSTS is enforced.
- Data at rest is encrypted by our hosting provider.
3. Access control
- Accounts are issued per organisation with role-based access, signed session tokens, and passwords stored using strong one-way hashing (PBKDF2).
- Subscriptions carry validity windows: access starts and lapses automatically with the licensed term.
- Internal access to production systems is limited on a least-privilege basis, protected by multi-factor authentication, and logged.
- Peer Exchange contact details are disclosed to another member only on your explicit acceptance.
4. Operations
- Dependencies are patched promptly; deployments are version-controlled and reviewed.
- Server logs and security events are monitored; the database platform provides point-in-time recovery.
- Data publication pipelines validate source structure and publication dates, so partial or malformed national data loads are detected before release.
5. Incident response
We operate a documented incident-response process. If a personal data breach affects your organisation's users or uploaded data, we will notify you without undue delay, with the information needed for your own UK GDPR obligations, in line with the Data Processing Agreement.
6. Responsible disclosure
If you believe you have found a vulnerability, email [email protected] with details. Please do not test against production systems or access other users' data. We will acknowledge your report within 2 working days and keep you informed as we investigate. We do not take legal action against good-faith research that respects this policy.
7. Certifications and assurance
We do not yet hold formal security certifications; Cyber Essentials certification is on our roadmap, and this page will be updated as assurance milestones are reached. Our hosting provider, Cloudflare, maintains ISO 27001 and SOC 2 Type II certification for the underlying infrastructure.