Hosted Services FAQs

LabHQ is a hosted LIMS system meaning our customers do not need to purchase software licenses, or invest in on-site servers to store and manage their data. It also facilitates efficient LIMS deployment.

Download the PDF version here.

1. Where is my data stored?

Broughton Software manage your data security in partnership with Iomart, a global, leading provider of complex managed and cloud computing services. As part of our Quality Management System, Iomart have gone through our supplier approval process and we audit them on a regular basis. Our servers are located in Manchester, UK.

2. Who owns the data once it is hosted with the service provider?

The client has full ownership of all their data as documented within the client contract. Broughton Software Limited (BSL) is a software provider for data processing for its customers, and all customer data and information is classified as confidential and treated accordingly.

3. What is your data backup and restore process and who is responsible for it?

Broughton Software is responsible for establishing and managing server and application hosting in accordance with approved client contracts. This will include the backup schedule and restore process as required by clients. The following is the standard default policy for data backup:

  • Daily overnight backup.
  • Retention is set by default to the last 7 days.
  • Backups of all server components, files, directories, and databases.
  • Backups are stored offsite across several Datacentres.

All backup servers are monitored on a 24/7 basis with daily email reporting.

The results of backup jobs are recorded and continuously monitored. Any identified issues or exceptions are logged as incidents within our Quality Management System and investigated accordingly.

The restore process is tested on a regular basis, and the process for restore is a documented procedure controlled within our Quality Management System.

4. What operating system does LabHQ run on and what hardware is used?

The database and e-mail server runs a Linux CentOS Operating System and the application server runs a Windows Server 2012 Standard Edition. For client installations, a PC with a Windows Vista, 7, 8 or later operating system is required.

5. Do you provide system patches, upgrades and maintenance? How do you manage planned downtime?

Broughton Software operate an infrastructure configured for High Availability including redundant servers / spares cabinet for all servers.

Planned preventative maintenance, including system patches and upgrades, are scheduled activities designed to avoid downtime to the application in accordance with customer requirements. Any planned activities will be communicated effectively with clients in accordance with approved client contracts. A minimum of 7 days’ notice is given in the event of such events. For unplanned maintenance, we endeavour to resolve issues within 4 hours.

6. Does the service provider have end to end data encryption?

Yes. We provide end-to-end encryption for all system data. Client information is encrypted using the security protocol SSL (Secure Sockets Layer) for data transmission and the Advanced Encryption Standard (AES-128 bit keys or larger) for data storage. Any removable media used is encrypted.

7. How is access to customer data controlled?

Physical access to client data is limited to trained authorised personnel only, bearing photographic ID. All infrastructure and managed services are contained in a physically secured environment within Datacentres. There is no unaccompanied access allowed within the infrastructure/managed services area of our Datacentre. Our data centres have 24 hour security, air cooling systems, fire detection and suppression systems and uninterrupted power supply systems.

Electronic access to client data is controlled in accordance with procedures documented in our Quality Management System. Access is limited to trained and authorised personnel and periodic reviews are carried out.

8. Does the service provider have a disaster recovery plan?

Yes. Broughton Software document and control its business continuity plan as part of its Quality Management System. The plan is designed to comply with the business continuity requirements of our customers and aligned with BS 25999-2 including disaster recovery and service continuity.

Our data storage provider is certified to Business Continuity Standard ISO 22301 & Information Security Management Standard ISO 27001.