Acceptable data security is achieved through multiple layers of careful design. Access is via secure log credentials that provide role based access to appropriate sections of the functionality. Data is encrypted at rest and in transit. Patient data is pseudonymised to ensure cases are not attributable directly to individuals. The system is hosted in highly secure facilities incorporating layers of system and physical security.