Security and compliance,built in from day one.
In care, data security is resident safety. FlexiEle is built to the standards regulated UK care demands — and we are working through independent certification openly, telling you exactly where each one stands.
In care, data security is resident safety.
A care record holds the most sensitive information there is — health, capacity, relationships — and, in home care, who holds a key to whose front door. A breach in care is not an IT abstraction. It is a risk to the safety of the people you support.
So FlexiEle treats security as a first-order part of the product — designed in from the start, not added once the platform was already built.
What is in the product today.
UK data protection
FlexiEle is built to comply with UK GDPR and the Data Protection Act 2018 — data protection by design, not bolted on afterwards.
Built inThe MODS data standard
A data model built MODS-native — to the NHS Minimum Operational Data Standard, DAPB4102 — from the first line of code.
Built inRole-based access & audit trail
Every person sees only what their role needs. Every access and every change is time-stamped on an immutable audit trail.
Built inEncryption & UK data residency
Data encrypted in transit and at rest, and designed for UK data residency.
Built inAccessibility — WCAG 2.2 AA
Designed to meet WCAG 2.2 AA, the accessibility standard the NHS DTAC assessment expects of care software.
Built inSecurity operations
Monitored access logs, a defined incident-response process, and independent penetration testing as part of the security programme.
Built inWhat we are working towards.
ISO/IEC 27001
The international standard for information security management — the universal procurement baseline. Certification is in progress.
In progressSOC 2 Type II
An independent audit of security and availability controls over time, expected by group providers. On our certification roadmap.
In progressCyber Essentials Plus
The UK government-backed cyber-security certification, with hands-on technical assessment. In progress.
In progressDSPT — Standards Met
The NHS Data Security and Protection Toolkit. FlexiEle is working towards a “Standards Met” submission — and the platform auto-generates the DSPT evidence providers need for their own.
In progressDCB0129 & DCB0160 clinical safety
The NHS clinical risk management standards for health IT. FlexiEle is establishing its DCB0129 process and clinical safety case, and will ship a DCB0160 deployment pack for each customer.
In progressDSCR assurance
NHS England’s assurance for digital social care records — and the gateway to GP Connect. Assurance is in progress.
In progressDTAC 2025-26
The NHS Digital Technology Assessment Criteria — clinical safety, data protection, technical assurance, interoperability and usability. FlexiEle is preparing for assessment.
In progressWe will mark each of these as independently certified on this page only once it genuinely is — and not before.
We won't show you a badge we haven't earned.
Plenty of care software shows a wall of certification logos. Some of those certifications lapsed years ago — and buyers have learned, the hard way, that a badge is not the same as the practice behind it.
FlexiEle is a new platform, so this page does the honest thing instead. It tells you exactly what FlexiEle is built to, and where each independent certification stands — and we update it the day each one completes. When you are trusting a supplier with the most sensitive information in care, honest beats shiny.
Bring your IT and procurement team.
Book a 20-minute demo and we will walk through FlexiEle's security and compliance with the people who need to sign it off — and share our security documentation on request.