City Health Clinic is a private dental health practice based in the heart of Edinburgh. They offer affordable private dental care, along with private GP and medical services to professional clientele. Staff at City Health Clinic take a personal and service oriented approach to their work, to create a welcoming, relaxed therapeutic environment. A former Dentist of the Year winner at the Scottish Dental Awards, they have earned a reputation for leading the way in modern dentistry healthcare.
City Health Clinic came to Texaport with a number of specific IT, cyber security, and compliance issues that they needed resolving. Due to them handling large quantities of personal information, they have a legal duty to store and process their patients’ data in line with GDPR legislation. Their existing policies and systems were not enabling them to confidently meet this requirement and they needed help identifying and addressing the gaps.
As a healthcare provider, it was vital that patients’ confidential data was stored safely and securely, but City Health Clinic were worried about the lack of transparency that their existing IT provider was giving them. One of their largest clients, a global brand, had recently updated the cyber security requirements for all their suppliers, and City Health Clinic were not confident that they could meet the new criteria with their existing IT manager.
As well as this, the value of the clinic’s existing managed IT service had decreased to the extent that they no longer believed that the initial service level agreements (SLAs) were being met. Far from proactively managing their IT environment, the provider was either slow to respond when alerted to issues, or entirely unresponsive.
Texaport carried out a bespoke audit of City Health Clinic’s cyber security footing, generating a report which detailed the gaps and advised how to address them. We recommended that they get the Cyber Essentials certification with additional Information Assurance for Small to Medium-sized Enterprises (IASME) governance.
To support this, we provided GDPR consultancy, helping them implement systems to handle their patients’ sensitive data lawfully and responsibly. Our consultancy was tailored to precisely meet the exacting requirements of their major client.
We improved the health of all their company devices, ensuring that security and operating system updates were installed according to a regular timetable. To prevent passwords from being compromised, we assigned each member of staff their own account and put minimum password complexity rules in place.
We introduced leading antivirus and antimalware technology which proactively guards against viruses, seamlessly eliminating any threats it identifies. As well as this, we established an advanced mail filtering system, which scans all in- and outbound messages to prevent suspicious emails from even reaching users’ inboxes.
Additionally, having discovered that the previous supplier hadn’t installed their wireless access points correctly, we laid new data cabling, enhancing Wi-Fi connectivity throughout the building.
City Health Clinic chose to work with Texaport because of our relevant previous experience in the healthcare sector - and specific expertise in the dental health industry. From the outset they were able to rely on our capability, without wasting any time or effort getting us up to speed. And due to our familiarity with dental practise software, we have been able to advise on and optimise use of their existing platform.
They successfully achieved their Cyber Essentials certification, boosting the practice’s data security to the level specified by the major client, and meeting GDPR requirements. This kept them compliant with current legislation and the rigorous expectations of the healthcare industry.
As a result of our consultancy and upgrades, City Health Clinic exceeded the cyber security standards set by their high profile client. They were able to extend the contract, and continue providing first class dental care to the firm's employees.
"With our IT and Cyber security now being managed by Texaport we have met our compliancy requirements, ensuring we handle sensitive client data safely"
Mohsin Ullah CEO, City Health Clinic