Data Protection & Security at Pando

Pando is driven by a mission to empower healthcare professionals to communicate and collaborate effectively.

Healthcare is the most sensitive domain for data sharing and control, so we place data security and protection at the heart of everything we do.

Pando understands that when our Trusts, customers, partners and other individuals provide personal data to us, or allow us to process it on their behalf, they are placing their trust in us.

We take this very seriously and are committed to respecting each individual’s privacy and protecting the personal data that we handle.

Mailbox illustration

User Verification

Pando users must have an approved NHS, Trust or hospital email address to access the application.

Protecting Your Data

We use industry gold standards to encrypt your data, in transit and at rest. We undergo regular penetration testing to ensure we continue to meet best practices.

Checklist illustration

Meeting NHS Standards

Pando complies with the latest guidance from NHS England and NHS Digital, is certified by CyberEssentials, and meets all required security standards under the Data Security and Protection (DSP) Toolkit and GDPR.

Storing Data Safely

Your user and patient data is stored securely in the UK, on Amazon Web Services servers based in London. These servers meet ISO 27001 certification, ensuring your data is kept safe and backed up at all times.

Secure Image Sharing

Pando provides secure image sharing and editing, with no images stored in your personal photo library.

Always Protected

Pando requires a separate PIN or biometric authentication to enter the application, to ensure that even if your phone is lost, patient data remains secure.

Contact DPO

Need some help?

Get in touch