PracticePal Security
Our security standards and GDPR policy. Check below for information on how we keep your data safe using the latest security protocols.
Security measures
Astute Data Systems, who provide PracticePal Practice Management software, are registered under the Data Protection Act, and our registration number is ZA063574. You can search for and view our certification at the Information Commissioners Office. We have also completed the “How to comply” check list for small to medium businesses produced by the Information Commissioner’s Office. All the data handled at PracticePal is confidential and security is a top priority.
When you transfer your business to PracticePal from another vendor, you can provide us with an electronic record of your current client contacts and/or full client data. We do not gain access to your data unless you authorise us. A copy of your original data is held securely while a script is written to convert it to a PracticePal compatible format. Data is then uploaded into your PracticePal account ready for use. Once you confirm the modified data set is OK, the original copy is deleted from our system. Our highly trained staff provide technical service and support to manage this process for our customers.
Technical details
Access to PracticePal is via a 256 bit Secure Socket Layer (SSL) certificate, and fully password protected at all times. All passwords are encrypted and salted. Through normal use, no data is downloaded to a client machine or leaves the firewalled server (unless the client chooses to download their own copy of the database backup). All our software is password protected and is hosted on RackSpace servers within the EU. Our dedicated servers reside in RackSpaces’ world-class data centres, with hardware RAID 10 storage, ECC memory, and fully redundant networking and power all the way to the host. The hardware is fully redundant, hot swappable and behind dedicated hardware and software firewalls. All data is automatically backed up, and then that backup is also backed up to a different physical location (within the EU) hosted by a separate data hosting company. RackSpace guarantee that the services will be available at least 99.9% of the time in any given monthly billing period, and we have actually achieved 100% to date.
Data retention
We take security extremely seriously and any information we hold about our customers, and in turn their clients is stored on password protected software. It can only be accessed by staff that have been trained and that require access, i.e. support, technical development and administrative staff. Each staff member has their own login credentials. We do not share this information with any third party and we do not keep information on past customers or about people who ask us to delete the data we hold about them.
GDPR
On 25th May 2018 the new EU GDPR regulations officially become enforceable. The regulations will be put in place regardless of Brexit negotiations, and we are aware of the huge effect this will have on PracticePal as a product, as a product provider, and on our customers.
We started investigating the new regulations in September 2017, and have been actively working with our staff and a number of advisors to gain a full understanding of the implications, and create a number of action plans for what we will be doing to ensure we are compliant with GDPR, pre May 25th. We also hope to offer as much support as possible to our customer base in providing their own GDPR compliance.
Please note that we will advise our user where possible, and provide tools, where possible, to enable GDPR compliance to our users, our role as the data processors is standalone, meaning the data controllers (software users) will need to manage their own internal investigations in line with GDPR, as to ensure their compliance.
Our internal policy document on how we’ve adapted for GDPR is available to all existing customers, on request, or can be found via the internal help system.
Any questions?
Frequently Asked Questions
Get more information about our features,
pricing and security.
Contact us
Call us on: 01227 250 093
Sales/Enquiries: info@practicepal.co.uk
Support: support@practicepal.co.uk