EMEA | Healthcare and life sciences


The United Kingdom’s National Health Service (NHS) Department of Health and Social Care Information Center policy mandates that all organizations that process NHS patient data and systems must provide assurances that they are practising good data security and that personal information is handled correctly.

NHS Digital, a national public body in England, has developed the Data Security and Protection Toolkit (DSP Toolkit), an online self-assessment tool that allows organizations to assess themselves or be assessed against information governance policies and standards.

We’ve published a Google Cloud whitepaper that discusses the compliance landscape for UK health data and, for organizations accessing patient data in England, an overview of NHS and the DSP Toolkit. The whitepaper outlines how we have implemented the NHS DSP Toolkit requirements and how we can help our customers meet their applicable requirements.

The status of our compliance can also be found at the NHS site.

Google Workspace is also accredited as a secure email service for health and social care in the UK and includes where email is used for the sharing of patient identifiable data.

UK’s Cloud Security Principles

Learn more

ISO/IEC 27001

Learn more

ISO/IEC 27018

Learn more