IT support for clinics and healthcare practices.
Managed IT for dentists, GPs, private clinics and allied-health practices across West Sussex. DSP Toolkit-ready, UK GDPR-aligned and CQC-friendly.
DSP Toolkit, kept green
The NHS Data Security and Protection Toolkit is mandatory for any organisation handling NHS patient data. It's a self-assessment — but a weak one gets blocked from the NHS network and loses you contracts. We run the technical evidence collection for each mandatory assertion: patching cadence, asset inventory, user access reviews, incident process and staff training. If the DSP Toolkit deadline is coming up, we work back from it.
Patient-data handling under UK GDPR
Patient records are special-category data. That means tighter controls on access, movement and retention. We build the Microsoft 365 tenant with patient data confined to a dedicated site, access limited to the clinical team, retention labels set to your policy, and full audit logs retained for the required window. No patient data in personal OneDrives. No patient data in shared mailboxes without access control.
- MFA on every clinical and admin account, enforced by Conditional Access
- Device encryption with BitLocker on every laptop, tablet and clinician phone
- Defender for Endpoint on every device, with central incident alerting
- Immutable 3-2-1 backups so a ransomware event doesn't take out patient records
- Documented data-breach notification process, ready for the 72-hour ICO clock
CQC-friendly IT records
CQC inspectors don't audit your IT — but they do ask how you protect patient confidentiality and how you'd keep running if the system went down. We produce the documentation they expect as part of onboarding: access matrix, business continuity plan, backup test log and incident register. All of it sits in a SharePoint folder your Registered Manager can share directly with the inspector.
PMS integration
Your practice management system is the heart of the clinic. We work around whichever platform you've chosen — cloud, server-hosted or hybrid — and make sure the Windows 11 baseline, Microsoft 365 identity and endpoint controls all support it cleanly. Printer and smartcard integration, digital-imaging storage and referral-letter workflows are handled without breaking the clinical day.
Clinics ask us
Will you help us complete the DSP Toolkit?
Yes. We produce the technical evidence and sit with your Information Governance Lead to work through each mandatory assertion.
Can you work with our existing PMS?
Yes — we're software-agnostic. We handle the infrastructure and identity layer so your PMS keeps running, patched and backed up, whatever the vendor.
How do you handle patient data on lost laptops?
BitLocker encryption on the disk, remote wipe via Intune, Conditional Access blocking the device from the tenant, and a written incident-response procedure you can share with the ICO within 72 hours.
Book an IT audit for your clinic.
A 60-minute call plus a remote scan of your tenant. Written report whether you sign with us or not.