Data Processing & Storage FAQs
- Do you provide any guidance to practices on how to utilise the Ardens Manager to reduce risks of uploading PID data?
- Has Ardens Manager been penetration tested in the last 12 months?
Our initial penetration test was carried out recently by JUMPSEC. We regularly review this requirement and carry out further penetration tests when necessary. If you would like more information on this please let us know.
- Where are the servers (including back ups) located?
We use Amazon S3 servers located in London. For more information on Amazon S3 servers, please see here.
- Does the benchmarking data you provide to other practices or CCG or any other third party allow other practices to be identified?
The practice has to consent to sharing their data with the other organisations before the practice can be identified.
- How are my video conferencing meetings processed and stored?
Video conferencing on Ardens Manager is hosted by Jitsi and are encrypted on the network using DTLS-SRTP. Meetings are not recorded or stored by Ardens Manager or Jitsi. If a user wishes to record a meeting they can store the recording on a separate Dropbox account. All participants are notified if the meeting is recorded.
Data such as chats and speaker stats are stored for the duration of the meeting and then destroyed once the meeting ends. For more information on Jitsi Security, please see their website.