Strategy-selection roundJudge the sequence, emphasis, and what each page leads withnot the wording. Final copy is written post-pick to the S3a voice.Concept 1 — Founder × Security · placeholder, not the finished look
Security & compliance

How your patient data is protected

We will tell you how the system is built before we point at any badge. Here is what is true today, and what we are still working toward.

Architecture first

Built into the system, not added on afterwards

Your data stays in the UK. Access is limited to the people doing your work. Every entry is logged.

Patient information travels over what Halo Desk describes as “the VPN the NHS uses” — Robbie’s own account of how it is carried, which we will evidence before launch rather than assert today.

Our compliance approach

We are building toward the certifications a practice expects — DSPT and Cyber Essentials among them. Today that means least-privilege access, UK GDPR data handling, and a documented approach to retention and breach response.

We will say we hold a certification when we hold it, and not before.

Questions about how we handle data?

Ask, and a person will answer. No portal, no account.

Send us a note →