Our certifications

Securely within the UK through our partner Redcentric, a leading UK IT managed services provider. Redcentric holds a range of accreditations and is a specialist provider of N3 and HSCN-connected services to health and social care in the UK, which can be found here.  

On premises – hosted internally on your environment. 

Details of the Data Retention policy with guidance on the effect of GDPR and your flexibility.  

Radar Healthcare has various features that enable compliance with GDPR and DPP2018 regulations: 

• Data retention periods can be set as per your data retention policies. 
• The data can be anonymised or deleted as appropriate. 
• When printing incident records can be redacted as required. 
• By using APIs, you can ensure that only required levels of data are stored in  
• each system and this data are accurate and from one source of truth. 
• There is a full, granular permission structure in Radar to ensure only the required data is accessible by users. 
• Data is stored on secure architecture with Disaster Recovery in place. 

Radar Healthcare operates internal policies designed to ensure the correct management of all data. For example, POL02 Data Protection Policy supports compliance with our legal obligations in respect of data processing. POL03 Retention and Destruction Policy details policy on the appropriate use and destruction of sensitive data.  

Additionally, our hosting provider employs a range of processes and standards to ensure no data breach including annual penetration testing. 

The Radar Healthcare POL02 Data Protection Policy ensures data is appropriately managed, including sharing data with third parties. 

Radar Healthcare has fully embraced the requirements of GDPR and has invested in the necessary resources to ensure that the system is fully GDPR compliant. The system meets in full its contractual and data protection obligations as a data processor. Additionally, Radar Healthcare helped its customers to ensure full adherence as both controllers and data processors. 

Our data protection obligations are all outlined in our software license agreement in line with GDPR legislation.  

All data is owned by the customers. It is our policy that any data requests would have to be approved by the customer before they are actioned. By default, Radar Healthcare does not pass any data to 3rd parties or partners. 

Data can be acquired within the solution to respond to data requests, such as Subject Access Requests. 

The required information is included in the Radar Healthcare SLA and can be provided upon request.  

Radar Healthcare does embed 3rd party OEM into the system as detailed below:  

• Sisense – Embedded Analytics. 
• Walkme – Digital adoption tool. 

Yes, we have certificates that have been issued by NQA, these are accredited by both UKAS and ANAB. 

All the organisation falls under the management system scope. 

All the organisation falls within the scope of cyber essentials. 

Radar Healthcare is accredited with both the Data Security and Protection Toolkit (DSPT) and the Digital Technology Assessment Criteria (DTAC). Both help and ensure we are qualified to handle and process data in line with the NHS’s overall approach to information governance and protect patient privacy. 

We work alongside many NHS Trusts and services to help provide safer outcomes.  

We have a Data Protection and Quality Lead and an Information and Security Officer who are dedicated to managing, protecting, and maintaining safer and securer outcomes for our partners. See the ‘Meet our Compliance Team’ section above for more information.