MJog Limited take data security very seriously and are committed to protecting any information entrusted to us by all our clients to ensure patient confidentiality. Information Governance is a framework for handling information in a secure and confidential manner to quality and ethical standards. It is an umbrella term that encompasses confidentiality, data protection, data quality, records management, information security and Freedom of Information.
MJog enforce strict security procedures and maintain high levels of data protection that conforms to NHS Information Governance guidelines, and Data Protection Legislation in the UK. We have an IGSoC rating of 100% (IGSoC Organisation number 8HL93) and ISO 27001:2013 certification.
MJog Patient Messaging software is pre-tested and verified to conform to the terms and conditions of long term Partnership Agreements with the suppliers of all major Patient Administration Systems. This ensures that MJog operates to the same high standards for the protection of patients’ data. MJog is installed onto a chosen computer under the supervision and control of NHS staff, and is protected with a username and password chosen by the relevant member of staff.
During the normal operation of the MJog patient messaging service, messages are transferred from a dedicated PC to either the HSCIC Servers or to the Mobile Network via our MJog Servers (dependent on the tariff customers have subscribed to). When using HSCIC for the sending of patient messages, MJog uses a dedicated NHSmail account for complete security. Set up by the GP practice, the CCG, or NHS Trust site, the NHS Mail account is protected by a username and password which has to be changed quarterly.
Once MJog is installed and actively sending reminders, our staff can only gain access to your MJog system with your permission, whilst under observation of your staff and for the purposes of support and maintenance.
Appointment reminder messages require at very least the patient’s mobile number and the date and time of their appointment. Customers always have complete control over the content of messages and can therefore limit or exclude any patient identifiable information. Customers can also control which patients will receive messages using implied opt-in and opt-out settings in support of information governance policies. The transfer of all messages is protected using industry standard SSL with 256 bit encryption to ensure their safe transit. Our security validation was issued by Geotrust and we have been verified by them as bona-fide.
MJog will not access any sensitive information about customer’s patients. Whenever any of our staff needs to access NHS systems to maintain MJog and they may be exposed to patient information, they will be instructed that such access is to be supervised by the customer, kept to a minimum, and confidential information disregarded. MJog will never use any data for any other purpose except for the delivery of messages. Nor will we divulge any mobile numbers or message details to any body for any purpose unless required to do so by law. As further support of Information Governance, all MJog staff sign an Information Governance policy.
MJog Limited is registered with the Data Protection Register (number Z109053X). Further information on the Data Protection Register can be found at the ICO website or by contacting us on 01353 741641 or emailing us.
MJog is a Crown Commercial Supplier on the Digital Marketplace for G-Cloud 7 (for SMS gateway).
Certificate No. 15592IS