AES-CRM
All Systems Operational

Your Patient Data, Secured.

Enterprise-grade security built for UK healthcare. Encrypted, compliant, and hosted exclusively in UK data centres.

View Compliance ReportDownload Whitepaper
GDPR UK
ISO 27001
CQC Ready
Cyber Essentials

Security at every layer

From data in transit to data at rest, your patient information is protected at every step.

AES-256 Encryption

All patient data is encrypted at rest using AES-256, the same standard used by governments and financial institutions.

TLS 1.3 in Transit

All data in transit is protected with TLS 1.3, the latest and most secure transport layer protocol.

Role-Based Access

Granular permissions ensure staff only access what they need. Every action is logged and auditable.

Automatic Backups

Hourly encrypted backups with 30-day retention. Enterprise plans include real-time replication.

Two-Factor Authentication

Mandatory 2FA for all admin accounts. Optional for all users. Supports authenticator apps and SMS.

Penetration Testing

Annual third-party penetration testing. Continuous vulnerability scanning and patch management.

UK Data Sovereignty

Your patient data never leaves the United Kingdom. All processing, storage, and backups occur exclusively within UK borders.

  • Primary data centre in London
  • Backup data centre in Manchester
  • No data transfers to US or EU
  • Full compliance with UK GDPR

100% UK Hosted

Your data stays in the UK. Always.

Real-time Audit Logging

Audit TrailLast 24 hours
14:32:01Dr. SmithViewed patient record192.168.1.x
14:28:15ReceptionCreated new appointment192.168.1.x
14:25:42AI SystemSent appointment reminder SMSInternal
14:20:33AdminUpdated clinic settings192.168.1.x
14:15:10Dr. JonesExported patient list192.168.1.x

Questions about security?

Our team is happy to walk you through our security practices and provide any documentation you need.