# Practice Digital — vulnerability disclosure
# https://datatracker.ietf.org/doc/html/rfc9116

Contact: mailto:security@practicedigital.co.uk
Contact: https://practicedigital.co.uk/contact.html
Expires: 2027-05-19T00:00:00.000Z
Encryption: https://practicedigital.co.uk/.well-known/security-key.txt
Preferred-Languages: en, cy
Canonical: https://practicedigital.co.uk/.well-known/security.txt
Policy: https://practicedigital.co.uk/security.html

# Thank you for taking the time to disclose security issues responsibly.
# We aim to acknowledge reports within one working day and remediate
# valid issues within 14 days for high-severity, 30 days for medium-
# severity, and best-effort for low-severity.
#
# Practice Digital is owned and run by a small team of working NHS
# doctors and practice managers. We take security of patient-facing
# healthcare websites seriously. If you find an issue please reach
# out before public disclosure.