Data Protection & Security at Pando
Pando is driven by a mission to empower healthcare professionals to communicate and collaborate effectively.
Healthcare is the most sensitive domain for data sharing and control, so we place data security and protection at the heart of everything we do.
Pando understands that when our Trusts, customers, partners and other individuals provide personal data to us, or allow us to process it on their behalf, they are placing their trust in us.
We take this very seriously and are committed to respecting each individual’s privacy and protecting the personal data that we handle.
Pando users must have an approved NHS, Trust or hospital email address to access the application.
Protecting Your Data
We use industry gold standards to encrypt your data, in transit and at rest. We undergo regular penetration testing to ensure we continue to meet best practices.
Meeting NHS Standards
Pando complies with the latest guidance from NHS England and NHS Digital, is certified by CyberEssentials, and meets all required security standards under the Data Security and Protection (DSP) Toolkit and GDPR.
Storing Data Safely
Your user and patient data is stored securely in the UK, on Amazon Web Services servers based in London. These servers meet ISO 27001 certification, ensuring your data is kept safe and backed up at all times.
Secure Image Sharing
Pando provides secure image sharing and editing, with no images stored in your personal photo library.
Pando requires a separate PIN or biometric authentication to enter the application, to ensure that even if your phone is lost, patient data remains secure.