Our Trust Centre
Our Trust Centre
Our Trust Centre
Our Trust Centre
At Ardens, protecting patient and organisational data is central to how we work. This Trust Centre brings together the key information NHS organisations, GP practices, Local Authorities and ICBs typically need for assurance and due diligence, including:
our accreditations and registrations
how we protect data in practice
the documents we provide to support DPIAs and supplier checks
who to contact with governance, security or clinical safety questions
If you can’t find what you need, contact our Governance team at [email protected].
Our Accreditations
Ardens products have been assured and approved through various accreditations:
Cyber Essentials Plus
A UK government-backed certification that provides a higher level of assurance through rigorous testing by independent experts to ensure robust protection against cyber threats.
Cyber Essentials Plus
A UK government-backed certification that provides a higher level of assurance through rigorous testing by independent experts to ensure robust protection against cyber threats.
Cyber Essentials Plus
A UK government-backed certification that provides a higher level of assurance through rigorous testing by independent experts to ensure robust protection against cyber threats.
Cyber Essentials Plus
A UK government-backed certification that provides a higher level of assurance through rigorous testing by independent experts to ensure robust protection against cyber threats.
DCB0129
Ardens meets the DCB0129 Standard, providing assurance that our products meet clinical safety requirements.
DCB0129
Ardens meets the DCB0129 Standard, providing assurance that our products meet clinical safety requirements.
DCB0129
Ardens meets the DCB0129 Standard, providing assurance that our products meet clinical safety requirements.
DCB0129
Ardens meets the DCB0129 Standard, providing assurance that our products meet clinical safety requirements.
Information Commissioner's Office (ICO) registration
Ardens is registered with the Information Commissioner's Office.
Information Commissioner's Office (ICO) registration
Ardens is registered with the Information Commissioner's Office.
Information Commissioner's Office (ICO) registration
Ardens is registered with the Information Commissioner's Office.
Information Commissioner's Office (ICO) registration
Ardens is registered with the Information Commissioner's Office.
ISO 27001
A renowned standard for information security management systems, ensuring systematic risk management and adherence to best practices for data security.
ISO 27001
A renowned standard for information security management systems, ensuring systematic risk management and adherence to best practices for data security.
ISO 27001
A renowned standard for information security management systems, ensuring systematic risk management and adherence to best practices for data security.
ISO 27001
A renowned standard for information security management systems, ensuring systematic risk management and adherence to best practices for data security.
Medicines and Healthcare Products Regulatory Agency (MHRA)
Ardens is registered with the MHRA as a Class I Medical Device.
Medicines and Healthcare Products Regulatory Agency (MHRA)
Ardens is registered with the MHRA as a Class I Medical Device.
Medicines and Healthcare Products Regulatory Agency (MHRA)
Ardens is registered with the MHRA as a Class I Medical Device.
Medicines and Healthcare Products Regulatory Agency (MHRA)
Ardens is registered with the MHRA as a Class I Medical Device.
NHS CIS2 Approved Application
Ardens Manager is an approved application under the NHS Care Identity Service (CIS2) service, allowing users to securely and seamlessly login to the platform.
NHS CIS2 Approved Application
Ardens Manager is an approved application under the NHS Care Identity Service (CIS2) service, allowing users to securely and seamlessly login to the platform.
NHS CIS2 Approved Application
Ardens Manager is an approved application under the NHS Care Identity Service (CIS2) service, allowing users to securely and seamlessly login to the platform.
NHS CIS2 Approved Application
Ardens Manager is an approved application under the NHS Care Identity Service (CIS2) service, allowing users to securely and seamlessly login to the platform.
NHS Data Security and Protection Toolkit
Ardens is proud to meet the standards of the NHS Data Security and Protection Toolkit.
NHS Data Security and Protection Toolkit
Ardens is proud to meet the standards of the NHS Data Security and Protection Toolkit.
NHS Data Security and Protection Toolkit
Ardens is proud to meet the standards of the NHS Data Security and Protection Toolkit.
NHS Data Security and Protection Toolkit
Ardens is proud to meet the standards of the NHS Data Security and Protection Toolkit.
NHSE Digital Technology Assessment Criteria
Ardens meets the clinical safety, data protection, technical security, interoperability and usability and accessibility standards set out in the DTAC.
NHSE Digital Technology Assessment Criteria
Ardens meets the clinical safety, data protection, technical security, interoperability and usability and accessibility standards set out in the DTAC.
NHSE Digital Technology Assessment Criteria
Ardens meets the clinical safety, data protection, technical security, interoperability and usability and accessibility standards set out in the DTAC.
NHSE Digital Technology Assessment Criteria
Ardens meets the clinical safety, data protection, technical security, interoperability and usability and accessibility standards set out in the DTAC.
NHS IM1 Approved Supplier
Ardens is an approved supplier under the NHS England IM1 pairing integration, having passed rigorous clinical safety, information governance and security assurance.
NHS IM1 Approved Supplier
Ardens is an approved supplier under the NHS England IM1 pairing integration, having passed rigorous clinical safety, information governance and security assurance.
NHS IM1 Approved Supplier
Ardens is an approved supplier under the NHS England IM1 pairing integration, having passed rigorous clinical safety, information governance and security assurance.
NHS IM1 Approved Supplier
Ardens is an approved supplier under the NHS England IM1 pairing integration, having passed rigorous clinical safety, information governance and security assurance.
How we protect your data
We have a wide array of technical and organisational measures in place to ensure the security of your data. You can find full details on this in the Data Protection & Processing section of our Terms and Conditions and our Product & Service Specification.
You can also find further details in our FAQs below.
24/7 monitoring
Ardens is safeguarded by DigitalXRAID’s Security Operations Centre, which continuously monitors for cyber threats.
Regular testing & scanning
We undertake annual penetration tests in accordance with industry standards and those set out by NHS England, plus quarterly vulnerability scans.
Staff training
All Ardens staff undertake annual Information Governance and Security Training.
Resources to support you
The responsibility for conducting a formal DPIA lies with the Data Controller. However, we provide the following Information Governance Overview documents:
This internal review aligns with key principles of data protection legislation and can be used by Data Controllers, including GP Practices when completing their own DPIAs.
Our Governance Team
Dr Stephanie Greville-Heygate
Governance Director & SIRO
Dr Stephanie Greville-Heygate
Governance Director & SIRO
Dr Stephanie Greville-Heygate
Governance Director & SIRO
Dr Stephanie Greville-Heygate
Governance Director & SIRO
Conor West
Governance & Compliance Coordinator
Conor West
Governance & Compliance Coordinator
Conor West
Governance & Compliance Coordinator
Conor West
Governance & Compliance Coordinator
David Birkinshaw (External)
Data Protection Officer
David Birkinshaw (External)
Data Protection Officer
David Birkinshaw (External)
Data Protection Officer
David Birkinshaw (External)
Data Protection Officer
Kerry Jones (External)
Operations and Governance Director (Digital XRAID)
Kerry Jones (External)
Operations and Governance Director (Digital XRAID)
Kerry Jones (External)
Operations and Governance Director (Digital XRAID)
Kerry Jones (External)
Operations and Governance Director (Digital XRAID)
Dr Robert Greville-Heygate
Clinical Safety Officer & Caldicott Guardian
Dr Robert Greville-Heygate
Clinical Safety Officer & Caldicott Guardian
Dr Robert Greville-Heygate
Clinical Safety Officer & Caldicott Guardian
Dr Robert Greville-Heygate
Clinical Safety Officer & Caldicott Guardian
Frequently Asked Questions
General
General
General
General
What is the organisational approach to information governance?
What is the organisational approach to clinical safety?
Can Ardens provide a Data Protection Impact Assessment?
What information do you provide for supplier due diligence?
What is the organisational approach to information governance?
What is the organisational approach to clinical safety?
Can Ardens provide a Data Protection Impact Assessment?
What information do you provide for supplier due diligence?
What is the organisational approach to information governance?
What is the organisational approach to clinical safety?
Can Ardens provide a Data Protection Impact Assessment?
What information do you provide for supplier due diligence?
What is the organisational approach to information governance?
What is the organisational approach to clinical safety?
Can Ardens provide a Data Protection Impact Assessment?
What information do you provide for supplier due diligence?
Ardens Manager
Ardens Manager
Ardens Manager
Ardens Manager
What is the purpose and scope of data processing within Ardens Manager?
How does Ardens Manager ensure data minimisation?
How is data retained within Ardens Manager?
What are the technical and organisational controls within Ardens Manager?
How is access to Patient Identifiable Data managed within Ardens Manager?
What is the process for notification of a change in sub-processor?
How does Ardens handle Data Subject Rights Requests?
What is Ardens' approach to incidents and data breaches?
Does the National Data Opt-Out apply to Ardens Manager?
What is the purpose and scope of data processing within Ardens Manager?
How does Ardens Manager ensure data minimisation?
How is data retained within Ardens Manager?
What are the technical and organisational controls within Ardens Manager?
How is access to Patient Identifiable Data managed within Ardens Manager?
What is the process for notification of a change in sub-processor?
How does Ardens handle Data Subject Rights Requests?
What is Ardens' approach to incidents and data breaches?
Does the National Data Opt-Out apply to Ardens Manager?
What is the purpose and scope of data processing within Ardens Manager?
How does Ardens Manager ensure data minimisation?
How is data retained within Ardens Manager?
What are the technical and organisational controls within Ardens Manager?
How is access to Patient Identifiable Data managed within Ardens Manager?
What is the process for notification of a change in sub-processor?
How does Ardens handle Data Subject Rights Requests?
What is Ardens' approach to incidents and data breaches?
Does the National Data Opt-Out apply to Ardens Manager?
What is the purpose and scope of data processing within Ardens Manager?
How does Ardens Manager ensure data minimisation?
How is data retained within Ardens Manager?
What are the technical and organisational controls within Ardens Manager?
How is access to Patient Identifiable Data managed within Ardens Manager?
What is the process for notification of a change in sub-processor?
How does Ardens handle Data Subject Rights Requests?
What is Ardens' approach to incidents and data breaches?
Does the National Data Opt-Out apply to Ardens Manager?
Products
Solutions
About
Support & Training
©2025 Ardens · All rights reserved.
Products
Solutions
About
Support & Training
©2025 Ardens · All rights reserved.
Products
Solutions
About
Support & Training
©2025 Ardens · All rights reserved.
Products
Solutions
About
Support & Training
©2025 Ardens · All rights reserved.