Amplitude takes the security of the data it processes, on behalf of our customers, extremely seriously. As such, we have deployed the highest levels of security features in our software.
- View Amplitude’s Cyber Essentials Plus certification
- View Amplitude’s Data Security and Protection Toolkit certification
NHS data is hosted over the secure HSCN network (formally, the N3 network). Data from all organisations is hosted on Azure; Microsoft’s Cloud hosting solution, a secure cloud network. Azure offers the very highest levels of security.
In all cases, the transmitting of data between the client browser and the Azure cloud infrastructure is handled via HTTPS, ensuring the encrypted transmission of data at all times.
Redcentric is Amplitude’s hosted cloud provider, presenting HSCN connectivity to the Azure cloud platform.
Annual independent penetration testing at the application level is carried out to ensure a strong security posture. Amplitude Clinical engaged with Mitigate Cyber in order to assess the overall security posture of their environment.
Based on Amplitude Clinical’s risk profile, primary security concerns and the vulnerabilities identified at the point of the engagement, Mitigate Cyber found that overall, the security of the Amplitude systems was found to be excellent.
The next testing is now scheduled for 2023/24.
Amplitude carries out regular Disaster Recovery tests to ensure system failover between Microsoft Azure datacentres is working effectively and systems can be restored as quickly as possible in event of a disaster. The last test was run in October 2022 without issue. The next set of tests are scheduled for August 2023.