Overview

For nearly two decades, Prescribe Digital has been at the forefront of clinical documentation innovation, trusted by healthcare organisations to deliver technology that is secure, reliable, and clinician-focused.

Our solutions, AISA® and Amplify+®, harness advanced natural language processing and machine learning to streamline clinical documentation while upholding the highest standards of data protection, privacy, and accuracy.

Every feature we design, every safeguard we implement, is guided by our commitment to trust — trust in how data is handled, how systems perform, and how clinicians are supported.

Because when healthcare chooses Prescribe Digital, it chooses technology built with integrity, accountability, and years of proven expertise in clinical documentation.

Compliance and Certifications

ISO 27001:2022 is the latest version of the internationally recognised standard for Information Security Management Systems (ISMS). It updates and refines the 2013 edition to better reflect current cybersecurity challenges and practices. This version emphasises adaptability to emerging technologies, evolving threats, and the increasing complexity of the digital environment.

ISO 9001:2015 is the internationally recognised standard for Quality Management Systems (QMS). In relation to our digital products and services, it ensures that we maintain consistent quality, reliability, and customer satisfaction throughout our design, development, and delivery processes. By following this standard, we demonstrate our commitment to continuous improvement and excellence in every aspect of our digital solutions.

Cyber Essentials Plus is a UK government-backed certification that demonstrates an organisation’s commitment to protecting its systems and data from common cyber threats. It builds upon the foundational Cyber Essentials certification by including a hands-on technical verification, where independent assessors test the organisation’s cybersecurity controls. Achieving Cyber Essentials Plus assures our clients and partners that our digital products and services are developed and operated within a secure and resilient environment.

Data Security and Protection Toolkit (DSPT): We are fully compliant with the NHS Data Security and Protection Toolkit, achieving the 'Standards Exceeded’ level. The DSPT is a mandatory annual self-assessment for any organisation accessing NHS patient data and demonstrates compliance with the National Data Guardian's 10 data security standards. Our compliance ensures we meet the specific requirements of the NHS for information governance, data protection, and cybersecurity.

UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018: We operate in accordance with the UK GDPR and the Data Protection Act 2018, which govern the lawful processing of personal data within the United Kingdom. These regulations replace the EU GDPR for UK operations and ensure that personal and sensitive information is managed with the highest standards of security, privacy, and accountability. Oversight is provided by the Information Commissioner’s Office (ICO) to ensure adherence to these data protection principles.

Health and Social Care Network (HSCN): Our services are securely accessible via the Health and Social Care Network (HSCN), the dedicated network for health and social care organisations in England. We ensure all connectivity complies with the stringent security, governance, and technical standards set by NHS Digital. This compliance enables the safe and reliable exchange of information across the health and social care ecosystem.

DCB0129 Clinical Risk Management: We adhere to the NHS Digital DCB0129 standard, which sets out the clinical risk management requirements for the manufacture of health IT systems. Compliance with DCB0129 ensures that our digital products are developed with patient safety as a core principle, supported by robust risk assessment, quality assurance, and governance processes. This demonstrates our commitment to delivering safe, effective, and clinically sound digital solutions for healthcare organisations.

ICO Registration: We are registered with the UK Information Commissioner’s Office (ICO) under registration number Z9717899. This registration demonstrates our compliance with the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR). It reflects our ongoing commitment to transparency, accountability, and the lawful, fair, and secure processing of personal data.

Australian Privacy Principles (APPs): Adherence to the Australian Privacy Principles (APPs), as outlined in the Privacy Act 1988 (Cth), ensures that personal information is handled lawfully, fairly, and transparently. These principles underpin our approach to data protection and privacy across all Australian operations. Through this commitment, we maintain the highest standards of information governance and protect the privacy of individuals who use our digital products and services.

New Zealand Privacy Principles (NZPPs): The New Zealand Privacy Principles (NZPPs), set out in the Privacy Act 2020, guide how personal information is collected, used, and managed responsibly and transparently. These principles form the basis of our commitment to safeguarding individual privacy and maintaining the trust of healthcare providers and patients across New Zealand. This framework supports our dedication to strong information governance and the ethical handling of data within our digital products and services.

HIPAA Compliant: The Health Insurance Portability and Accountability Act (HIPAA) sets strict standards for the privacy and security of protected health information (PHI) in the United States. It governs how healthcare data is collected, used, stored, and transmitted to ensure confidentiality, integrity, and availability. Our practices align with the HIPAA framework to protect sensitive health information and uphold the highest standards of data security and patient privacy across our digital products and services.