Skip to content

Quality & Security Policies

Home » Quality & Security Policies

Quality Policy

One Touch is committed to the satisfaction of our Customers through the delivery of high-quality software and customer service. We have chosen to do this in a structured, process-based manner through the implementation of our quality management system, certified to ISO 9001. The scope of our QMS is the “Provision of digital platforms and workforce management systems that support compliance for the health, social care and private sector”.

Click here to view our ISO 9001 Certificate (opens as a PDF in a new tab). 

We are committed to the maintenance and continual improvement of the business and the quality management system. We have set formal objectives for us to achieve and monitor our performance to ensure above all else a high level of Customer satisfaction, which is measured, reviewed, and considered a critical success measure.

One Touch aims to secure the future success of the business by investing in our employees, providing the necessary resources, and using best practice to drive improvement. We monitor our performance through KPIs and seek feedback to ensure customer satisfaction during and after service delivery.

Information Security Policy

One Touch operates and maintains an Information Security Management System (ISMS) that is compliant with ISO 27001.

One Touch are committed to the ensure that we identify, understand, and satisfy requirements from our interested parties, including our customers, suppliers, regulators and other stakeholders, while empowering our employees to manage risk in their duties, in line with their requirements of the ISMS. We design our software with security and privacy as a core input requirement.

The scope of our ISMS is the “Provision of digital platforms and workforce management systems that support compliance for the health, social care and private sector

This ISMS provides us with a framework to set, monitor and achieve our security objectives, which at their core is to ensure the Confidentiality, Integrity and Availability of data and information systems under our care.

Our ISMS enables us to ensure the development and maintenance of appropriate policies and procedures to ensure effective risk management. Our ISMS is a live system, adaptable and responsive to an ever-changing threat landscape, and one to which we commit to continually improve.

Click here to view our ISO 27001 Certificate (opens as a PDF in a new tab). 

Cyber Essentials Plus Certification

Cyber Essentials Plus is a UK Government-backed and industry-supported scheme that helps businesses protect themselves against the growing threat of cyber attacks and provides a clear statement of the basic controls organisations should have in place to protect themselves. Cyber Essentials Plus is a set of technical controls that we have put in place to protect ourselves and our users against common online security threats.

Click here to view our Cyber Essentials Plus Certificate (opens as a PDF in a new tab). 

Supplier Security Policy

One Touch attaches particular importance to the security of its own, its employees’ and its customers’ data.

It is therefore vital that existing and potential new suppliers to One Touch have appropriate security controls to ensure the confidentiality, integrity and appropriate availability of such data is not compromised and these controls are in maintained in accordance with One Touch security policies.

The reference standard for One Touch security policies is ISO27001 and the suppliers shall comply with the principles of that standard.

At a minimum, Suppliers agree to:

  • Maintain the confidentiality of any information shared with the supplier by One Touch
  • Not to distribute any information to a third party without prior expressed permission from a senior member of management in One Touch
  • Allow One Touch, when deemed necessary, to audit their facilities, systems, and processes specific to services provided to One Touch
  • Ensure that their employees are aware of the nature of the supplier relationship with One Touch and ensure that they are in compliance with the information security requirements at all times
  • Where necessary, agree to implement a Data Processing Agreement and to adhere to its specific requirements for data processing