Our Vulnerability Disclosure Process

Friends, Romans, Awesome Volunteers, lend me your ears!

We constantly get approached from you beautiful people with regard to putting you directly in touch with the contacts we have at the Health Trusts and Providers.

Whilst we do not wish to offend or dampen your volunteering efforts, we must point out that unfortunately this is not something we are able to do.

This is for several reasons, but the primary one is due to GDPR and responsibility for sharing private information.

What we can do however is share the activity or information you wish to bring to the trusts via our Threat Briefings or indeed if it warrants it, with a direct outreach to specific Trusts/Providers.

We do have direct reporting capabilities for high/critical vulnerabilities, this is handled through the intel services relevant to a specific country.

We are always willing to give volunteers who assist with a shout out or indeed attribution moving forward.

Also, we are not stopping you contacting Trusts/Providers directly, but again ask that if you do, you do it in your own capacity and make it clear to the recipients that you are not acting on our behalf or with our blessing.

Please, please, please do not take this in any other way other than the team adhering to the agreements we currently have in place.

Thank you for your continued help and support during this time.