
Security Statement

Last updated: May 2026

A public summary of how Nexus CMS is engineered, operated, and governed for security. Detailed control documentation is shared with qualified prospects and licensees under NDA.

1. Hosting model

Nexus CMS runs as a single-tenant deployment for every licensee — never on shared infrastructure. Two deployment options are supported: on-premise hardware at the licensee's site, and dedicated managed VPS in a UK data centre. Multi-tenant cloud is not offered, by design.

2. Identity and access

  • Multi-factor authentication is enforced for every account, with no admin-level bypass.
  • Role-based access control with discipline-aware scopes — clinicians see their caseload, coordinators see the team, parents see their own child.
  • Session controls include idle timeout, lockout-on-failed-attempts, and short-lived access tokens with rotation.
  • Credentialed referrer access — GP and SENCO referrer accounts go through credential checks before activation.

3. Audit and traceability

Every clinical access, modification, and authentication event is recorded to a tamper-evident audit trail. The trail is designed to satisfy regulators, ICO enquiries, and clinical governance reviews without retroactive reconstruction.

4. Encryption

  • Encryption in transit using current TLS standards.
  • Encryption at rest for the application database and document storage.
  • Sensitive credentials (such as MFA secrets) are stored encrypted with separate key material.
  • Backups are encrypted; the licensee chooses the backup destination.

5. Application security

  • Input is validated server-side with strict typed schemas.
  • Standard web security headers are applied (CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy).
  • Rate limiting is applied to authentication and enquiry endpoints.
  • Uploaded files are MIME-validated and stored under sanitised filenames.
  • Dependencies are continuously scanned; security updates are applied within agreed windows.

6. Data protection

Nexus CMS includes first-class workflows for UK GDPR data subject rights — access, rectification, erasure, restriction, portability — and for retention policy enforcement. Records of processing activity, lawful-basis tracking, and consent capture are built into the data model rather than tracked outside the system.

7. Operational security

  • Production access is restricted to a small named set of engineers.
  • Administrative actions are logged and reviewed.
  • Backups are taken on a documented schedule with periodic restore drills available on request.
  • For managed-VPS deployments, infrastructure is monitored continuously.

8. Incident response

Nexus maintains a documented incident response process covering detection, triage, containment, recovery, and post-incident review. Where an incident affects a licensee's data, we notify them in line with the Data Processing Agreement and support their regulatory response.

9. Responsible disclosure

We welcome responsible reports of security issues. Email info@nexusndc.co.uk with the subject line "Security disclosure". Please give us reasonable time to investigate and remediate before any public disclosure.

10. Updates

This statement summarises our security posture at the time of publication. Detailed and current control documentation is provided to qualified prospects and licensees under NDA.

A Nexus Neurodevelopment Centre product · Aberdeen, Scotland
© 2026 Nexus Neurodevelopment Centre Ltd. Registered in Scotland.