Data Controller: Lumina Dental Ltd

Security & Data Protection

At Lumina, security is foundational to how we build, deploy, and operate our platform. We understand that dental practices entrust us with sensitive patient information and critical business data and protecting that data is our highest priority.

ISO 27001 Aligned, NHS DSPT Ready, Cyber Essentials, SOC 2 Standards

Enterprise-Grade Security

Built on world-class infrastructure with security at every layer

UK GDPR Compliant

Full compliance with UK data protection regulations and Data Protection Act 2018

UK Data Residency

All data stored exclusively in AWS London region and never leaves UK jurisdiction

AES-256 Encryption

Military-grade encryption for all data at rest and TLS 1.2+ in transit

MFA Required

Mandatory multi-factor authentication for every user account

  • 99.9% platform uptime SLA
  • 35 days point-in-time recovery
  • 72hr breach notification
  • 58+ granular permissions
  • 24/7 security monitoring

Compliance Standards & Trusted Partners

GDPR Compliant, HIPAA Aligned, AWS Partner, Stripe Payments

Security In Depth

Comprehensive documentation of our security practices and controls

UK GDPR Compliance

As a UK-based company processing data for dental practices across the United Kingdom, we fully comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Our commitment to data protection is embedded in every aspect of our platform design and operations.

  • Lawful Basis: We process personal data only where we have a lawful basis, typically contractual necessity for service delivery or legitimate interests for platform improvement
  • Data Minimisation: We collect only the data necessary to provide our services—nothing more
  • Purpose Limitation: Patient data is used solely for dental practice management and is never used for marketing or sold to third parties
  • Subject Rights: We provide built-in tools enabling practices to fulfil data subject access requests (DSARs), rectification, erasure, and portability requests
  • Data Processing Agreements: We operate under appropriate DPAs with all dental practices using our platform
  • 72-Hour Breach Notification: We maintain incident response procedures to notify relevant parties within the required timeframe

Healthcare Data Standards

Our infrastructure implements controls consistent with international healthcare security standards, including administrative safeguards (access controls, workforce training, incident procedures), physical safeguards (data centre security, equipment controls), and technical safeguards (encryption, audit controls, integrity controls, transmission security).

NHS Alignment

Our security controls are designed to align with NHS Data Security and Protection Toolkit (DSPT) requirements, making Lumina suitable for practices that work with or alongside NHS services.

UK Data Residency

All Lumina data is processed and stored exclusively within the AWS London region (eu-west-2). This ensures patient data never leaves UK jurisdiction, maintains compliance with UK data protection requirements, provides low-latency access for UK-based practices, and aligns with NHS data residency guidance.

Cloud Platform Certifications

We use Amazon Web Services (AWS) as our infrastructure provider. AWS maintains comprehensive compliance certifications relevant to healthcare:

  • ISO 27001: Information Security Management Systems
  • ISO 27017: Cloud Security Controls
  • ISO 27018: Protection of Personally Identifiable Information in Public Clouds
  • SOC 1, SOC 2, SOC 3: Service Organisation Controls for security, availability, and confidentiality
  • Cyber Essentials Plus: UK Government-backed cybersecurity certification
  • NHS DSPT Alignment: Controls aligned with NHS Data Security and Protection Toolkit

Environment Isolation

We operate a multi-account strategy with strict separation between environments. This architecture ensures complete isolation between production, staging, and development systems.

Environment | Purpose | Data Type
Production | Live patient-facing systems | Real patient data
Staging | Pre-production validation | Synthetic/anonymised data only
Development | Internal development and testing | Synthetic/anonymised data only

Service Control Policies (SCPs) enforce organisation-wide security guardrails, preventing any accidental cross-environment access. Developers have no access to production resources or data. This means all internal development, testing, and experimentation occurs using synthetic data—real patient information is never used for development purposes.
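As an added illustration, not Lumina's own policy, the following is a service control policy of the kind described above: it denies any API call whose requested region is not eu-west-2, which is one way an organisation-wide guardrail can enforce the UK data residency claim made earlier on this page. The list of exempted global services is an assumption (those services are served from us-east-1 and must be allowed through); the real list depends on which services an account actually uses.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "IllustrativeDenyOutsideLondon",
      "Effect": "Deny",
      "NotAction": [
        "iam:*",
        "sts:*",
        "organizations:*",
        "account:*",
        "support:*",
        "cloudfront:*",
        "route53:*",
        "budgets:*",
        "health:*"
      ],
      "Resource": "*",
      "Condition": {
        "StringNotEquals": {
          "aws:RequestedRegion": "eu-west-2"
        }
      }
    }
  ]
}
```

Attached to the production organisational unit, the policy applies to every principal in those accounts, including administrators, so a misconfigured deployment cannot create resources in another region even if the account-level IAM policy would allow it.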

Encryption at Rest

All data stored within Lumina is encrypted at rest using AES-256 encryption, the same standard used by governments and financial institutions worldwide.

Storage Type | Encryption Method
Patient Records | AES-256 via AWS-managed encryption
Documents & Files | AES-256 server-side encryption
Backups | Encrypted with same standards as source
Authentication Secrets | AWS Key Management Service with managed keys

Encryption in Transit

All data transmitted to and from Lumina is encrypted using modern cryptographic protocols. We enforce strict transport security across all connections.

  • HTTPS Only: All API endpoints enforce HTTPS—HTTP connections are automatically rejected
  • TLS 1.2+: Only modern encryption protocols are accepted; legacy protocols are disabled
  • Modern Cipher Suites: We use only current, secure cipher suites recommended by security standards bodies
  • HSTS Enabled: HTTP Strict Transport Security headers with 2-year max-age, including subdomains
  • Auto-Renewal: SSL/TLS certificates are managed via AWS Certificate Manager with automatic renewal—no manual intervention or expiry risks

User Authentication

Lumina uses AWS managed identity services for enterprise-grade authentication, providing bank-level security for all user accounts.

Password Requirements

  • Minimum 8 characters
  • Uppercase and lowercase letters
  • Numbers and symbols required

Multi-Factor Authentication

  • Mandatory for all accounts—not optional
  • Authenticator apps (TOTP) supported
  • SMS verification available
  • Required before accessing patient data

Session Security

  • JWT Tokens: Cryptographically signed tokens, so any forged or tampered token is detected and rejected
  • Automatic Expiration: Sessions expire automatically after periods of inactivity
  • Secure Refresh: Token refresh mechanisms prevent session hijacking

Role-Based Access Control

We implement fine-grained role-based access control (RBAC) with 58+ granular permission types. Every API request is authorised in real-time, with permissions evaluated based on user role, organisation, and specific resource being accessed. This ensures staff members only have access to the data and functions appropriate to their role within the practice.

Organisation Data Isolation

Your data is never shared across organisations. Each organisation's data is completely isolated, ensuring that information from one organisation cannot be accessed by another. Within your organisation, access is controlled by the permissions granted to each user by your administrators.

API Gateway Protection

All Lumina APIs are protected through multiple security layers, ensuring that only authorised requests reach our systems.

  • Authentication Required: Every endpoint (except public health checks) requires valid authentication
  • Rate Limiting: Protection against abuse with 100 requests/second sustained rate and 200 requests/second burst capacity
  • Input Validation: All request payloads are validated against strict schemas before processing
  • CORS Configuration: Cross-origin requests restricted to authorised Lumina domains only

Web Application Firewall

AWS Web Application Firewall (WAF) shields all APIs against OWASP Top 10 threats including SQL injection, cross-site scripting (XSS), and malicious request patterns. Attack attempts are logged, blocked, and analysed for security intelligence.

API Key Management

For system integrations, we implement secure API key lifecycle management:

  • Automatic Rotation: API keys rotate every 90 days automatically
  • Secure Storage: Keys stored in AWS Secrets Manager with encryption
  • Dual-Key System: Primary and secondary keys enable zero-downtime rotation
  • Usage Monitoring: All API key usage is logged and monitored for anomalies

Backup & Recovery

We implement comprehensive backup strategies to protect against data loss, ensuring your practice can recover from any scenario.

Mechanism | Description | Recovery Point
Point-in-Time Recovery | Continuous backups of all database tables | Any point in last 35 days
Real-Time Replication | Change capture for near real-time backup | Near real-time
Document Versioning | Complete document version history | All versions retained
Cross-Region Capability | Architecture supports multi-region if required | Regional failover ready

Deletion Protection

Production database tables are protected against accidental deletion through multiple safeguards including infrastructure-as-code deletion policies and database-level deletion protection. Administrative changes require multi-person approval.
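As an added illustration, not Lumina's own template, this CloudFormation resource shows how the two safeguards named above are expressed in infrastructure as code for a DynamoDB table (an assumption: the 35-day point-in-time recovery window and change capture described in this section match DynamoDB's features). The table name and key schema are placeholders.

```json
{
  "Resources": {
    "ExamplePatientRecordsTable": {
      "Type": "AWS::DynamoDB::Table",
      "DeletionPolicy": "Retain",
      "UpdateReplacePolicy": "Retain",
      "Properties": {
        "TableName": "example-patient-records",
        "BillingMode": "PAY_PER_REQUEST",
        "DeletionProtectionEnabled": true,
        "PointInTimeRecoverySpecification": {
          "PointInTimeRecoveryEnabled": true
        },
        "SSESpecification": {
          "SSEEnabled": true,
          "SSEType": "KMS"
        },
        "AttributeDefinitions": [
          { "AttributeName": "pk", "AttributeType": "S" }
        ],
        "KeySchema": [
          { "AttributeName": "pk", "KeyType": "HASH" }
        ]
      }
    }
  }
}
```

The stack-level policies (DeletionPolicy and UpdateReplacePolicy) stop CloudFormation from removing the table when the resource is deleted or replaced, while DeletionProtectionEnabled makes the service itself refuse a DeleteTable call until the flag is explicitly cleared, so the two controls fail independently.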

Data Retention

We implement automated retention policies that comply with healthcare regulations while respecting privacy principles.

Data Type | Retention Period | Policy
Active Patient Records | Duration of subscription + legal requirement | Practice-controlled
Clinical Records | Minimum 11 years (adults), 25 years (children) | GDC guidance compliant
Audit Logs | 7 years | Compliance and investigation
Session Data | 24 hours after expiry | Automatic deletion
Temporary/Cache Data | 7 days maximum | Automatic TTL deletion

After subscription cancellation, your data remains accessible for export for a minimum of 2 years. Full data export is available in standard formats at any time during this period.

Comprehensive Audit Trail

Every action within Lumina is logged for security, compliance, and operational visibility. Our audit system captures the complete picture of system activity.

  • User Actions: Login, logout, data access, modifications, exports
  • System Events: API calls, permission checks, errors, performance metrics
  • Data Changes: Full before/after snapshots of all record modifications
  • Timestamps: All events timestamped with UTC precision for accurate forensics

Log Security

Audit logs themselves are protected with the same rigor as patient data:

  • Stored in append-only format—logs cannot be modified or deleted
  • Encrypted at rest using AES-256
  • Retained according to compliance requirements (7 years)
  • Available to practices for their own compliance and audit needs

Real-Time Monitoring

Our security team operates continuous monitoring for unusual access patterns, failed authentication attempts, system performance and availability, and security-relevant events. Alerts are generated automatically and investigated promptly by our security team.

Development Environment Isolation

Our AWS Organisations structure ensures developers work exclusively with synthetic/anonymised data. No production credentials exist in development environments, and code cannot be deployed to production without passing through staging validation.

Code Security

  • Infrastructure as Code: All infrastructure defined in version-controlled templates—no manual changes
  • Dependency Scanning: Automated scanning for vulnerable dependencies before deployment
  • Code Review: All changes reviewed by qualified engineers before deployment
  • Secrets Management: No secrets in code—all credentials managed via secure services

Deployment Security

  • Immutable Deployments: New versions deployed as new resources, not modifications to existing systems
  • Instant Rollback: Ability to instantly revert to previous versions if issues detected
  • Environment Parity: Staging mirrors production configuration exactly
  • Automated Testing: Security and functional tests run automatically before every deployment

Our Commitment

In the event of a security incident, we follow a structured response process designed to minimise impact, maintain transparency, and prevent recurrence.

  1. Immediate Response — Security team engaged within 1 hour of detection
  2. Containment — Affected systems isolated to prevent spread
  3. Investigation — Root cause analysis conducted by security specialists
  4. Notification — Affected practices notified within 72 hours (sooner where possible)
  5. Remediation — Vulnerabilities addressed and verified
  6. Post-Incident Review — Lessons learned documented and controls improved

We maintain detailed incident response runbooks and conduct regular tabletop exercises to ensure our team is prepared to respond effectively to any scenario.

Sub-Processors

We use a limited number of carefully vetted sub-processors. Each is bound by data processing agreements with equivalent security and privacy requirements.

Provider | Purpose | Data Processed | Location
Amazon Web Services | Infrastructure | All service data | UK (eu-west-2)
Stripe | Payment processing | Payment information only | EU

Integration Security

When practices choose to enable third-party integrations, data sharing is carefully controlled:

  • Explicitly consented to by the practice administrator
  • Limited to the minimum data necessary for the integration
  • Documented in integration-specific terms and conditions
  • Revocable at any time with immediate effect

Shared Responsibility Model

While we implement comprehensive security measures at the platform level, practices also play an important role in maintaining data security.

Lumina Responsibility | Practice Responsibility
Platform security & infrastructure | User account management
Encryption & key management | Password security & MFA compliance
Backups & disaster recovery | Staff security training
Security monitoring & response | Regular access reviews
Compliance tools & capabilities | Compliance processes & policies
Incident response & notification | Timely incident reporting

Recommended Security Practices

Complete MFA Enrolment

Ensure all staff complete mandatory MFA setup during account creation

Use Strong Passwords

Use unique, strong passwords for Lumina accounts

Review User Access

Regularly audit user permissions and remove leavers promptly

Train Your Staff

Educate staff on recognising phishing and social engineering

Secure Your Devices

Keep devices updated with current software and security patches

Report Concerns

Contact us immediately if you suspect unauthorised access

Security Questions?

If you have questions about our security practices or would like additional information for your due diligence process, we're here to help.

Report a security concern or request information

security@luminadental.com
Acknowledged within 24 hours
Responsible disclosure welcome

We can provide additional documentation, complete security questionnaires, or arrange calls with our technical team for enterprise practices.

This policy is reviewed and updated at least annually, or whenever significant changes are made to our security practices. Last updated: February 2026.