Keeping your data safe.

Accurx builds software that makes it easier for healthcare staff to communicate with you and each other. It is only used to help provide patients like you with individual care.

You can read more detail about us, our story and how we work on other sections of this website.

We need to access some of it to help provide patients and healthcare staff with our communication software, which is intended to make things easier for you all. When you or the staff involved in your care use our secure software, we receive information about you.

The information Accurx receives from you or from care providers (like NHS GPs) includes:

• Your demographic details (your name, date of birth and gender)
• Your NHS number
• Your contact details (your mobile phone number and email address)

We have access to some communications with your healthcare provider, and third party data, including information from your GP record that may be required from time to time.We only get the information necessary for your care provider to use our software.For example, it would be impossible for a GP to use our messaging service to send you a text without them sharing your phone number. Or when you use the form on your GP's website, the information you share with them passes through our systems. We make sure that we only collect what is necessary to provide your care professionals with services on our platform, and store it safely.

We transmit and store data in encrypted form. This means nobody else can read it without the right credentials. When stored, your data is encrypted in an extremely secure UK-based Microsoft Azure data centre.

We meet the highest standards of safety and security, as set by NHS bodies and the government. We go through assurance processes for these and we regularly get outside independent experts to check our systems are secure. You can see a list of our security credentials in our Resource Centre.

In our agreements and policies, we make binding commitments to you and our providers about what data we access and how we keep it safe. These commitments comply with the key laws in this area - the Data Protection Act 2018 and the UK General Data Protection Regulation - and the rules and standards set out by the NHS on handling health care data.

Fundamentally, we act as something called a ‘data processor’. This means we can only use your data under the instructions of your healthcare providers, who are the data controllers i.e. the organisations delivering patient care, such as a GP practice, hospital or care home. They are ultimately responsible for creating and storing information about patients and their health, such as in a patient record.

We only do what they tell us to do with it. You can find out more about the responsibilities we and others have in this regard in our Privacy Policy and Data Processing Agreement. We have the same agreement with every organisation using Accurx.

Legally, your GP or Doctor is allowed to share this data on your behalf in order to provide you with individual care. This is also the legal basis for us being able to process it. You might look at the list of what we have access to and think, 'that's a lot of personal information', and there's no denying that that's true: it is. That's why we're honoured to be trusted by healthcare professionals and why we take keeping your data safe extremely seriously.

Yes, but separately. On some occasions, such as for surveys about our software, or visitor use of our website. We keep the systems for collecting these strictly separate from the systems we use to help healthcare practitioners provide patients with individual care because the information is collected for a very different purpose.

One example is if you choose to participate in one of our feedback surveys or when you use our website, we collect information to make our own software and services better. We act as the data controller in this case, deciding what to do with the data. And we obtain your permission to do this when you fill in the survey. We explain more how we handle your data in this case in our Privacy Policy.

If you wish to see the information the NHS holds and controls about you, that is something your provider (e.g. your GP practice) should help you with. Ask them or visit their website for more information about how to do this. This will include the things they have instructed Accurx to do for them with your data (e.g. records of text messages sent using Accurx).

You have a legal right to access the data we store about you when you interact with us directly, such as when contacting our support desk. This is known as a 'Subject Access Request'. We are happy to help and you can contact us on support@accurx.com.

We have strict access requirements on who can use our software, to make sure the only people accessing your information are those providing you with care.

At Accurx, our employees may need to see patient data that we store for for strictly limited purposes. For example, this data may need to be accessed to investigate technical problems with our services. These occasions are very rare and only happen when absolutely necessary. Any access to patient information is time-limited and governed by our agreements with healthcare providers. Every single person undergoes training about what is appropriate in these circumstances. Data is deleted when investigations are complete.

We operate zero tolerance policies for misuse of data here at Accurx. It's part of everyone's employment contract here. If any one of us is found to have accessed part of your information without a valid reason, they would be sacked and the Information Commissioner's Office (the regulator) would be informed.

The NHS and the health and care professionals who look after you know best how to give you great care. They're the experts on that. We know it can be hard to communicate using modern technology in the NHS, and that's where we can help by enabling them to do their jobs more easily (and lots of them think we're doing a good job). Ultimately, working together we think we can improve the nation's health.

The NHS national data opt-out only applies to NHS organisations and sharing your information for research or planning. Because Accurx processes data for professionals who give you individual care, this opt-out does not apply to the data they share with us. We do not use that data for research.

No. We would never do anything like this - we never have and we never will. We are in the business of supporting your NHS staff to give you great care - that's what we want to be paid for.

98% of GP practices use our software, so you may receive SMS messages asking you to book GP appointments via an Accurx link. These are completely safe, however, we realise that there are many phishing schemes that aim to mimic messages like this in order to access your details.

Please check the link on any SMS messages you receive from your GP. If it is from our software, it will include 'accurx.nhs.uk', 'patient.accurx.com' or 'florey.accurx.com' and should come from your named GP practice. We encourage you to follow the recommended steps for checking messages for potential spam, including looking out for spelling errors and incorrect information. If you are still unsure, please contact our Support Team at support@accurx.com.