We always ensure your data is handled with the highest security standards and that both your and your patients' privacy is protected.
Tandem follows GDPR and local patient data laws to ensure your data is handled securely. We are ISO 27001 certified and Cyber Essentials certified, demonstrating strong cybersecurity and data protection measures. Tandem Health is also fully compliant with the 24/25 Data Security and Protection Toolkit (DSPT), meeting NHS standards for data security and the proper handling of personal information.
Oliver Åstrand
Chief Technology Officer, Tandem Health
All patient data is processed and stored in data centers within Europe. Tandem has specific enterprise agreements in place to ensure compliance and maintain the highest security standards.
Trusted by 500+ organizations within healthcare
Complies with ISO 27001, GDPR, and local patient data laws
Tandem ensures that all your information is handled with the highest standards of security. Protecting your data is a core priority for us, and we are committed to continually strengthening our practices to exceed industry expectations.
All patient data in Europe
All patient data is processed and stored within Europe. Tandem has specific enterprise agreements in place to ensure compliance and uphold the highest security standards.
No link to patient
There is no explicit link to a specific patient. No personal identification numbers or names are logged in association with a note in Tandem.
No audio recordings stored
Audio is streamed and processed in real-time during conversations. There is never a complete audio file from the conversation, and as soon as it is transcribed, the audio file is deleted.
Your data is never used to train AI
If AI models are trained on data, there's a risk that training data could leak when the model is used. Therefore, Tandem does not train any of its AI models on personal data to ensure that your data remains private.
Regular penetration testing
Tandem conducts regular penetration testing by engaging external security firms to review our security measures and attempt to hack the system.
Is Tandem compliant with required data standards?
Absolutely. Tandem meets all relevant data handling standards. You can find a full list of our certifications and our data processing agreements in our trust center.
Do you have access to my patients’ records?
No. Tandem never reads your medical record system or patient records. We have ‘write-only’ access to save the clinical notes you generate into your medical record system.
Is Tandem a medical device?
No. Tandem is not classified as a medical device. Tandem does not diagnose or offer treatment advice. You maintain full professional control over all clinical decisions and documentation.
Is my data used for training AI models?
No, we never use your data for training AI models.
Are audio recordings stored from the consultations?
No, the audio is transcribed in real-time during the consultation and is thereafter permanently deleted.
Who is legally responsible for the clinical documentation?
Ultimately, you are responsible for verifying the accuracy of your notes. As with any transcription method, human or AI, errors can sometimes occur. We encourage clinicians to review Tandem’s note draft before finalising it in the medical record system.
Where is the data stored and processed?
All transcripts and clinical notes are stored on a database located in Europe. We never retain or store any audio recordings from your consultations.
Learn more in our Trust Center or contact us directly. You can also reach our external Data Protection Office at dpo@tandemhealth.ai.