Amplitude takes the security of the data it processes, on behalf of our customers, extremely seriously. As such, we have deployed the highest security features in our software.

• View Amplitude’s Cyber Essentials Plus Certification
• View Amplitude’s Data Security and Protection Toolkit Certification
• View Amplitude’s ICO Data Protection Registration Certification

NHS data is hosted over the secure HSCN network (formally, the N3 network). Data from all organisations is hosted on Azure; Microsoft’s Cloud hosting solution, a secure cloud network. Azure offers the very highest levels of security.

In all cases, the transmitting of data between the client browser and the Azure cloud infrastructure is handled via HTTPS, ensuring the encrypted transmission of data at all times.

Redcentric is Amplitude’s hosted cloud provider, presenting HSCN connectivity to the Azure cloud platform.

Annual independent penetration testing at the application level is carried out to ensure a strong security posture. Amplitude Clinical engaged with Citation Cyber to assess the overall security posture of their environment.

Based on Amplitude Clinical’s risk profile, primary security concerns and the vulnerabilities identified at the point of the engagement, Mitigate Cyber found that overall, the Amplitude systems’ security was excellent.

The next testing is now scheduled for mid-2025.

Amplitude conducts regular Disaster Recovery tests to ensure system failover between Microsoft Azure datacentres works effectively and systems can be restored as quickly as possible during a disaster. The last test was run in August 2024 without issue. The next set of tests is scheduled for the end of 2025.