Information governance and data security

Excellence in information governance is at the heart of what we do. We have a legal and ethical responsibility to handle confidential and sensitive information carefully and securely, and we are fully committed to doing that in a way that maximises its utility while preventing unauthorised or inappropriate use or disclosure. We are respectful of the nature of the data we work with, where it comes from and what it means for individuals and organisations.

Dr Foster has 15 years’ experience of handling confidential patient-level NHS data and operates under a range of UK and European Laws, associated codes of practice and international standards. We meet all of the requirements set out by the NHS Information Governance Toolkit and the United Kingdom Data Protection Act 1998, and are ISO27001 accredited.

Our international presence means we meet the data security requirements of the countries we operate in including the Health Insurance Portability and Accountability Act (HIPPA) and the European Data Protection Directive (EC Directive 95/46/EC).

Taken together these provide us with a robust governance framework for information management. We have a range of privacy enhancing technologies, physical security measures, data agreements, contracts of employment, and audit measures in place.

Dr Foster provides this fair processing notice (FPN) which informs you how your personal data will be processed and the purposes for which the data has been collected.