Meet the communication challenge

Integrated care needs secure, fast, accurate and targeted communication.

Careflow optimises workflow across the care continuum.

The complexity challenge

Multiple care providers, organisations and locations increase complexity

The efficiency challenge

Paper, phone, fax, pagers and email processes can’t cope, which results in mistakes, delays and waste.

The solution

Careflow is a unified clinical communications platform for integrated care. Work smarter, work faster.


  • Improving patient safety.
  • Preventing unnecessary hospital admissions.
  • Reducing length of stay.
  • Supporting timely discharges.

Transform how care is coordinated

Careflow’s unified, mobile and web-based communication platform replaces inefficient phone, pager and paper processes.

Faster communication, better coordination, safer care


Patient handovers displays patient status, medications and treatment plans. 

Team referrals

Share patient information quickly and accurately across teams.

Support mobile working

Careflow is available on any device, anywhere, anytime.

Right information, right person, right time.


Instant messaging

Allows carers to communicate securely, quickly and efficiently.

Shared lists

Patient handovers display patient status, medications and treatment plans.

Staff directory

Shares information about others’ status and presence, so care providers know who is on duty and available.

Highlights important information

Intelligent, real-time alerting ensures vital clinical information is seen by care givers as soon as it is available.

Pushed notifications support real-time healthcare.

Intelligent alerts

Mobilise data as soon as it becomes available. 

Notification workflow

Makes sure alerts are only received by the right person or team.

Clinical escalation

Ensures unacknowledged alerts are escalated.

Safe and secure

Careflow is committed to keeping your data secure. Careflow meets the strictest security and information governance requirements needed for healthcare.

  • ISO 27001 certified

    Careflow has full ISO 27001 certification. We adhere to robust processes around risk management, security, business continuity and compliance.

  • Data Protection

    Our Caldicott Guardian ensures ongoing review and fulfilment of the Caldicott principles and recommendations.

  • Encryption

    All patient identifiable data and content is encrypted, both in transit and at rest. Careflow uses AES GCM 256bit level encryption for storage, supported by strong certificate based key management policies. Information accessed by a device is encrypted in transit using 256-bit TLS.

  • Application security

    We strictly follow OWASP recommendations and regularly run internal vulnerability scans, penetration tests and commission independent specialists in information security to run external tests. We develop against web application vulnerabilities such as cross-site scripting (XSS), cross-site request forgery (XSRF) and SQL injection.

  • Service monitoring

    Service availability is continuously monitored. Our team is on standby 24x7 to respond in the unlikely event of a serious application issue. Our services are performance and load monitored. Messages are tracked to ensure they are not lost in transit or in the event of system failure.


    Careflow holds an NHS Information Governance Statement of Compliance (IGSoC). Careflow complies with US Health Insurance Portability and Accountability Act (HIPAA).

  • Clinical Safety Standard ISB0129

    Careflow is ISB0129 compliant. We use a secure agile development life cycle with testing and clinical review overseen by a registered Clinical Safety Officer with additional external safety assurance resource.

  • User authentication

    Careflow implements claims-based authentication (OAuth 2.0), two-factor authentication for device access and enforce a strong password policy. Careflow can additionally federate against other identity providers, including Active Directory.

  • Hosting Accreditation

    Careflow’s data is hosted in the Microsoft Azure cloud computing platform. Azure meets a broad set of international and industry-specific compliance standards, such as ISO/IEC 27001/27002:2013, HIPAA and FedRAMP. Microsoft is the only cloud provider to adhere to the ISO/IEC 27018 code of practice, covering the processing of personal information by cloud service providers.

  • Business Continuity

    Careflow holds an NHS Information Governance Statement of Compliance (IGSoC). Careflow complies with US Health Insurance Portability and Accountability Act (HIPAA).