Information security
Our approach to protecting information
Tesu Health takes the security of information seriously. We design, build and operate our digital products with information security embedded into our processes, systems and ways of working.
Our approach is risk-based and proportionate, recognising the sensitivity of health and personal data and the importance of maintaining confidentiality, integrity and availability of information across our services.
Security by design
Information security is considered throughout the product lifecycle, including design, development, deployment and ongoing operation. We apply appropriate technical and organisational measures to protect information from unauthorised access, loss, misuse or disclosure.
This includes secure system architecture, access controls, monitoring, and regular review of risks and controls.
Compliance and standards
Tesu Health aligns its information security practices with recognised frameworks and regulatory expectations, including UK data protection legislation and relevant NHS and industry standards where applicable.
We maintain documented policies and procedures covering areas such as access control, incident management, data protection and business continuity, and we regularly review and improve our security posture.
Incident management and continuous improvement
We maintain processes for identifying, managing and responding to security incidents. Lessons learned from incidents, audits and assessments are used to strengthen our controls and improve resilience over time.
Transparency and assurance
Further details about our information security controls, certifications and compliance activities are available through our Trust Centre.
Questions or concerns
If you have questions about our information security practices or require additional assurance, please contact us at: security@tesuhealth.com