Security & Compliance

Patient Data Protection You Can Rely On

We treat the security of clinical data as an absolute responsibility, not an afterthought. SolveFit Tracker meets the most rigorous international standards.

Compliance Frameworks

SolveFit Tracker complies with all IT requirements across these critical frameworks.

GDPR

General Data Protection Regulation

Full compliance with UK and EU GDPR requirements. Lawful basis for processing, data subject rights, privacy notices, and data processing agreements all managed under our governance framework.

Cyber Essentials

NCSC Cyber Essentials

Certified under the UK Government's Cyber Essentials scheme, demonstrating protection against the most common cyber threats facing organisations today.

DSPT

Data Security & Protection Toolkit

Aligned with NHS Digital's Data Security and Protection Toolkit — essential for services working with or adjacent to NHS-commissioned care.

Encryption

End-to-End Data Encryption

All text data within the system is encrypted at rest and in transit using industry-standard SSL/TLS protocols. Your clinical data is protected at every layer.

Isolated AI

Secure & Isolated LLM Processing

Our AI features run on fully isolated, private LLM instances. Patient data is never shared with public AI models or third-party training pipelines — clinical confidentiality is always preserved.

2FA

Two-Factor Authentication

Optional 2FA for all user accounts. Organisations with higher security requirements can enforce 2FA across their entire installation for an additional layer of access protection.

Technical Safeguards

Two-Factor Authentication

Optional 2FA for all user accounts. Organisations with higher security requirements can enforce 2FA across their entire installation.

Daily Encrypted Backups

Each installation is backed up locally on a daily basis, in addition to server-level redundancy. Your data is always recoverable.

SSL Encryption

All data transmitted between users and our servers is encrypted via SSL/TLS. Connections are secured to current best-practice standards.

Isolated AI Environments

All AI-powered features run inside private, isolated LLM instances with no connection to public models. Patient data is processed in a closed loop — never used for external training or shared beyond your installation.

Configurable Access Controls

Multi-user installations support granular role-based permissions. Administrators control who can see, edit, and export clinical data.

Isolated Installations

Each organisation's data resides in its own isolated environment. There is no shared database infrastructure between client organisations.

Security Status

GDPR Compliance

Certified

Cyber Essentials

Certified

Data Security Toolkit

Aligned

SSL Certificate

Active

Backup Systems

Operational

Two-Factor Auth

Available

Isolated AI Processing

Enabled

Penetration Testing

Up to Date

Privacy & Governance Documents

Full transparency in how we handle and protect your data.

Privacy Notice

SolveFIT Ltd Privacy Notice — how we collect, use, and protect personal data.

Request Document →

Data Security Policy

Our comprehensive Data Security Policy aligned with NHS and ISO standards.

Request Document →

Terms of Use

Platform terms and conditions for all SolveFit Tracker users.

Request Document →