Company: Signum Health 

Product: i-Navigator 

Date: 01.08.2022


Signum Health recognises the importance of ensuring that personal information is dealt with legally, securely, efficiently and effectively, in order to allow users of our services to deliver the best possible care and to meet the Company’s legal and good practice responsibilities.

Signum Health provides software services processing personal data. These data include sensitive data or data of a highly personal nature and data concerning vulnerable data subjects. These services have been in production since 2016.

Governance

An Information Governance group convened by the executive is responsible for management of information governance within the organisation. This group oversees a compliance strategy including annual Information Governance training for all staff, Information Governance restrictions in staff and client contracts and regular monitoring of technical and organisational measures designed to maintain integrity and confidentiality of data. Signum Health is registered with the ICO ( ZA323901) and meets the NHS Data Security and Protection Toolkit standards. In addition, Signum Health NHS Services are independently assessed via Cyber Essentials (IASME-CE-032155) and subject to penetration testing and vulnerability assessment at least once a year. The Information Governance Group can be contacted via [email protected]

Signum Health process data for the purpose of sharing information used by health, 3rd sector and social care providers to provide direct patient/client care. Signum Health process data only on the instruction of the data controller or with appropriate legal authority as defined in the Signum Health Information Security Policy.


Product - i-Navigator


Purpose

i-Navigator product is used by Health, Social Care, and Community Organisations to record and securely share personal data about data subjects including demographic data, medical history and care preference/choice, in order to effectively provide informed personalized care. 

Data flow

Organisations use i-navigator to record, view personal data about data subjects and share personal data about data subjects with third parties and may receive sensitive personal data from third parties providing direct care for the data subject. 

Where i-navigator is used in conjunction with an EHR (Electronic Health Record), i-navigator may also be used to view and record limited sensitive personal data within the EHR. Organisations using i-navigator may configure sharing of personal data with third parties by providing written instruction including a DPA, and subscription request.

Data controls


Signum Health processes i-navigator data within the UK only. 

All contracts under which the i-navigator service operates have been reviewed to ensure that obligations under GDPR are met. Where necessary, clients have been offered an updated contract.

The i-navigator service is designed to be secure and robust, meeting NHS guidelines and best practices. Further documentation is available, on request, to describe:

  • Authentication, authorisation and security

  • Infrastructure scalability, resilience and disaster recovery

 

Data retention

i-navigator Plans data are retained in accordance with NHS Records Management Code of Practice.

Contact Information

Email: [email protected]