<aside> 🚧 We've designed this page for people who have a background in Information Governance or data protection. It's quite heavy in legal language.
This page is shared on a confidential in confidence basis. Thank you.
</aside>
A sub-processor is a third party organisation that:
Healthtech-1 engages different types of sub-processors to perform different functions in our service.
In the rest of this document, we explain our approach to assuring and engaging them generally, and then we set out the sub-processors currently used, and for what function.
Healthtech-1 undertakes to use a commercially reasonable selection process by which it evaluates the security, privacy and confidentiality practices of proposed sub-processors that will or may have access to or otherwise process Service Data.
An International Transfer Risk Assessment has been undertaken for any sub-processor that transfers data out of the UK. This can be found here.
Healthtech-1 generally requires its sub-processors to satisfy equivalent obligations as those required from Healthtech-1 (as a Data Processor) as set forth in Healthtech-1's Data Processing Agreement, including but not limited to the requirements to: