Information Security

At MyPharmacyServices, safeguarding your personal and medical information is our top priority. We adhere to robust data protection standards and use secure systems to protect patient confidentiality and ensure compliance with legal obligations.

1. Data Protection Standards

  • We comply with the UK GDPR and Data Protection Act 2018.
  • We are registered with the Information Commissioner’s Office (ICO) — Registration Number: ZB862659.
  • Our systems and practices follow ISO/IEC 27001:2022 Information Security standards.

2. Access Control

Access to patient data is strictly limited to authorised clinicians and administrative staff who require access to deliver or support care. Role-based permissions are enforced, and access is monitored and logged.

3. Data Storage and Encryption

  • All patient information is stored on encrypted and secure servers located in the UK.
  • Data is encrypted both in transit and at rest using industry-standard protocols.
  • Regular backups are performed and protected using secure infrastructure.

4. System Security

  • We use secure cloud platforms with multi-factor authentication and continuous monitoring.
  • All devices are protected with antivirus, firewalls, and secure access policies.
  • We regularly update and patch systems to reduce vulnerabilities.

5. Breach Detection & Response

We have a formal breach response plan in place. In the event of a data breach, we will notify affected individuals and the ICO where required, in line with UK GDPR requirements.

6. Confidentiality Commitment

All team members are bound by confidentiality agreements and undergo regular training in data protection, confidentiality, and cyber security

7. Questions or Concerns

If you have any questions about how your data is protected, please contact us at info@mypharmacyservices.co.uk.