Security & Compliance at AMS

At AMS, protecting sensitive information is at the core of everything we do. Our solutions are trusted by organisations across the UK, including the NHS, to handle and safeguard confidential data. We combine robust technology with certified processes to give customers complete confidence in our security and compliance.

 

This page content applies to AMS Secure Cloud solutions only.

Highlights

Vault

Certified & Compliant

ISO 27001, Cyber Essentials, NHS DSPT

FolderLock

UK Hosting

All data stored in Microsoft Azure UK datacentres

Lock

Strong Protection

Encryption at rest and in transit for all data

FolderSimpleUser

Controlled Access

Role-based permissions and multi-factor authentication

TreeStructure

Ongoing Monitoring

Defender for Cloud, logging, and regular audits

ShieldCheck

Data Privacy

GDPR compliant with clear retention and deletion policies

Certifications & Standards

We maintain internationally recognised certifications and accreditations that demonstrate our commitment to security.

ISO-3

ISO 27001

Certified Information Security Management System

Cyber-Essentials-Plus-Logo 1

Cyber Essentials

Demonstrating core security controls

NHSDSPT-1

NHS DSPT

Compliant with the NHS Data Security and Protection Toolkit

Secure Hosting in the UK

All AMS cloud solutions are hosted in Microsoft Azure UK datacentres.

  • Data is kept within UK jurisdiction
  • Azure provides industry-leading physical security, resilience, and environmental controls
  • Customers benefit from Microsoft’s extensive compliance certifications, including ISO, SOC, and GDPR alignment
pair-of-employees-discussing-work-standing

Data Protection

We ensure customer data is handled securely at every stage:

  • Each customer’s information is stored in a dedicated Azure storage account and SQL database, ensuring strict segregation
  • All data is encrypted in transit and at rest using strong cryptography
  • On contract termination, customer data is securely deleted from AMS systems within 60 days, in line with our retention and disposal policy
  • Compliance with UK GDPR and Data Protection Act 2018, ensuring that data subject rights are protected
3-young-professionals-chatting

Access & Control

Security is reinforced by strong access controls:

  • Role-based access permissions with Azure RBAC and Privileged Identity Management (PIM)
  • Multi-factor authentication for administrative accounts
  • Regular reviews of user access rights to maintain security integrity
3-people-standing-in-a-entrance-talking-wearing-suits

Resilience & Assurance

Reliability and trust are built into our services:

  • Microsoft Azure’s availability zones and disaster recovery capabilities ensure resilience
  • Independent testing and ongoing internal monitoring protect against evolving threats
  • Continuous alignment with ISO security standards, NHS data-security assurance requirements, and UK data protection regulations
male-and-female-conversing-about-content-on-a-laptop

Contact Us

If you’d like to learn more about how AMS protects your data, please contact our Security & Compliance team at dp@ams-ltd.com.