Committed to Privacy & Security

Our objective is to increase patients' and other subjects' safety, privacy, dignity and independence.

The optical sensors we use are also purchased by others for use as conventional cameras so it's understandable we often get asked questions about privacy and data security.
We have designed our system in careful consultation with patients and clinical, carer and custodial users. We're proud of how we go about our business and this page explains our approach.
We think that the following aspects are particularly important:

Data encrypted at source

The data generated by our optical sensors and algorithms are all encrypted immediately.

Alerts, not video streaming

Our system displays room statuses, alerts and data reports. Users may choose briefly to view a video feed if they decide they need to see into the room. Staff managers choose whether this temporary video feed is displayed to staff as a blurred image or needs to be an identifiable one.

The vast majority of the data our system generates are not personally identifiable

We generate mathematical data and irreversibly blurred images which do not identify a person.

Identifiable data are always under customer control

We use identifiable data to develop and improve our algorithms. These data are usually recorded within formal research studies. We sometimes take custody of small amounts of identifiable data from customer sites fully to debug the system in a specific room or to improve functionality required to deliver their services to patients or other subjects. These data are only released to us with specific authorisation from a designated customer representative for a specified purpose for a defined period with ongoing review of that data's use and retention. We are not given a subject's name or other identifiers.

Data are held securely

Encrypted identifiable data are held securely on the customer site or transported securely to Oxehealth's servers and held securely there. Encrypted, non personally identifiable data are held securely in the OxeCloud. Data are held with restricted, auditable access permissions. Our systems are regularly penetration tested by third party experts and several of our government customers have completed their own security reviews.

Fully informed authorisation

Our customers review and formally adopt a detailed Data Privacy Impact Assessment which lays out how we will process data on their behalf in compliance with the General Data Protection Regulation, as part of signing a contract with us.

We don't sell data

We make solutions to help clinicians, carers and custodians look after those entrusted to them. We use certain data to improve our algorithms so that they are even more helpful to our customers. We never sell these data to third parties.

The following diagram lays out the data paths in our secure system and illustrates how we carefully create, separate, encrypt and control identifiable data and anonymised data.

Data Privacy Diagram:
1. Infrared light is detected by the optical sensor, even in the dark. This sensor turns the light into electronic data.
2. These electronic data are passed to the processing unit, usually located in the ceiling void. This analyses the electronic data and turns them into encrypted video. Computer monitors or handheld devices display room alerts, reports and video on demand, as specified by customer.
3. The encrypted identifiable data (video in which a person can be recognised) are stored on the Oxeserver located on customer premises for a short period, typically 1-3 days. After that. the data are deleted unless specifically selected for retention in line with the Customer's Data Protection Impact Assessment.
4. Encrypted anonymised data (mathematical data and irreversibly blurred images which cannot be read by anyone else and do not identify a person) are sent securely over the internet to Oxehealth's server, where they are used to monitor system performance, improve the software and trouble shoot.

Storage Device: Customers may choose to retain identifiable data from time to time, for example to aid the investigation of a safety incident. This is governed by the Data Protection Impact Assessment and overseen but their Caldicott Guardian or their Data Protection Officer (or equivalent)

Secure Courier: Customer may specifically authorise Oxehealth to store identifiable data for the purpose of trouble shooting the Oxehealth software. This data is released to Oxehealth for a specified purpose then deleted. Oxehealth provides regular updates of the data it is holding to each customer.

If you would like to understand more about our data and privacy regime, please do get in touch.

Get in Touch

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Preferences Deny Accept