Terms and conditions

Welcome to the Lumeon documentation hub. Here you can find information about our general terms and conditions as well as our data protection and security credentials.



Lumeon_Business Associate Agreement_v1 (18.07.2016)

Lumeon Privacy Policy_UK_v3 (01.02.2018)

Lumeon_Support Agreement_UK_v2 (13.12.2017)

Vist archive >>





Lumeon_Support Schedule_US_v1_(18.07.2016)

Lumeon Privacy Policy_US_v1  (28.12.2017)





Every year Lumeon undergoes a full external information security audit aligned to the ISO27001:2013 standard. We are accredited by SGS who review our systems and security to ensure that we are complying with our policies and have no single points of failure in the organisation – either on process, technology or people. Everything is documented and tested and all staff undergo regular training to remain up to date. We deal with business-critical data so you can rely on the fact that we take this responsibility seriously.

EU Privacy Shield

Lumeon is certified under the EU-US Privacy Shield. View the certification here.


Two-factor authentication

We can send an SMS message to the mobile phone number of the user attempting to log in, or an email to their registered email address with security token, to verify their identity.


Lumeon is committed to protecting the privacy of our clients’ patients’ personal health information. Part of that commitment is complying with the Privacy Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which requires us to take additional measures to protect personal information and to inform our clients about those measures. If you would like more detailed information, please contact privacy@lumeon.com


Lumeon is hosted in a secure N3 compliant and ISO27001 datacentre using one of only a handful of hybrid N3 approved data architectures. We also support two-factor identification and data encryption to NHS standards.