CamCOPS – Security model
Back to Documentation

The CamCOPS security model is multi-layered. It is not enough to have a “secure” tablet app; there are other things you must do as well.


Tablet security

To meet NHS mobile data protection standards [NHS Scotland: CEL 25 (2012)], a tablet holding “sensitive information” of a significant degree of sensitivity requires:

For relevant CamCOPS platforms:

You must enable tablet encryption, choosing a strong password for your tablet; see tablet configuration.

CamCOPS app security


Internally in the tablet app

Link security

Server security

Communication between tablet and server

Communication between user and server using the web front end

Internally in the server

Security against data loss

“Analytics” security

CamCOPS doesn’t send a copy of your data back to its base. Your data is private to you. However, by default, when the CamCOPS app or server starts, it does send some basic usage details back to base (at, helping us to know how CamCOPS is being used and to support users better; see server and tablet configuration. No patient-identifiable information, per-patient information, or task details are sent. We hope this doesn’t bother you, but if it does, you can turn this behaviour off.

Audit trails

Legacy security

Black Hat’s options

What would it take to steal CamCOPS data?

These methods of attack sound plausible but should not be possible:

Match to NHS security requirements

Mobile device


Valid HTML 4.01 Transitional
Valid CSS