NHS pension and tax work is too complex for generic client workflows

Yes. The workspace is built for regulated professionals advising NHS staff — accountants, tax advisers, and independent financial advisers. Consent links, the client document view, API access, and firm branding follow the same model for IFA practices as for accountancy firms. IFAs typically use AI-extracted pension input figures, three-year carry-forward views, and McCloud remedy prompts as draft evidence for your own review before client meetings — not as regulated advice. Your clients connect their account; you see the same documents and analyses under their consent. If you advise NHS staff on pensions, retirement, or broader financial planning, the tooling is designed around that workflow.

Yes. NHS clients choose an NHS pay region in their own account. Tax calculators use Scottish income tax bands when they are Scottish taxpayers, recognise Welsh taxpayer coding and Welsh rates of income tax when they apply, and use UK income tax bands for Northern Ireland (the same marginal structure as England). Consent, readiness, packs, and audit work the same for staff in England, Scotland, Wales, and Northern Ireland.

After you subscribe or start a trial, an in-app checklist on Client Readiness guides your firm: activate billing with Stripe, add logo and colours on the branding page, then send your first client consent invite from Settings. Progress ticks off as you go, and the card can be dismissed once you are live. The self-serve workflow is designed for specialist firms advising NHS professionals: create a workspace, configure branding, send a consent link, let clients upload evidence, review readiness, chase missing documents, and generate a branded pack before the meeting. It is especially useful for AISMA-qualified or NHS-specialist accountants handling pensions, annual allowance, P60s, payslips, self-assessment, and evidence-heavy NHS client work; NHS-focused IFAs and financial planners use the same workflow for pension strategy and retirement-planning evidence.

Yes. Client data access is gated behind explicit, granular consent from the data subject — not organisational membership alone. Clients can revoke access from their own account; revocation is enforced promptly and recorded in an append-only audit trail. The platform is designed to support your firm's obligations as a data controller under UK GDPR and the Data Protection Act 2018.

Your NHS clients are the data subjects. Your firm acts as data controller for your client relationships. NHS Financial Planner acts as a data processor, processing data only under instruction from your firm and within the bounds of each client's explicit consent. We provide a standard Article 28–style Data Processing Agreement — request a copy during onboarding or from our team before you go live.

A Data Protection Impact Assessment is recommended best practice for practices handling health-adjacent financial data at scale. Our platform provides the technical and organisational documentation you will need: audit logs, processing records, consent trails, and security architecture notes. Contact us and we will share our security documentation pack to support your DPIA.

Client data is stored on UK and EEA infrastructure. A full list of sub-processors — including their jurisdictions and the nature of processing — is included in the Data Processing Agreement. Contact us for a copy before onboarding if data residency is a condition of your engagement.

Identity verification and Customer Due Diligence under the Money Laundering Regulations 2017 remain your firm's responsibility. The platform's append-only audit trail — recording which team member accessed which client's documents, at what time, and from which IP address — supports your MLR record-keeping requirements. It does not substitute for your firm's AML policies or client identification procedures.

Yes. Admin users can generate hashed API keys (SHA-256, with optional expiry dates) for server-to-server requests. Keys carry member-level access: they can read consented client data but cannot perform administrative actions such as inviting members or modifying settings. See the Workspace API Guide for use cases, examples, endpoints, permissions, and security best practice.

The workspace is designed around NHS-specific evidence, not generic file storage. The high-value outputs are branded client packs and PDFs containing annual allowance and carry-forward summaries, pension input period breakdowns, McCloud remedy evidence for tax-reclaim discussions, supporting figures for self-assessment work, missing-evidence flags, and professional disclaimers. The readiness dashboard helps your team see which clients have enough evidence for those outputs and which still need pension statements, payslips, or P60s.

It is not trying to replace a full general-purpose CRM. It is a specialist NHS client workflow layer: consent status, readiness, evidence chasing, notes, tasks, next review dates, persistent client-scoped AI chat, packs, reminders, and compliance evidence live around the same client record. Many firms will still export or integrate with their core CRM or practice management system.

Yes. Organisation members can ask AI questions against a consented client's document context from the client record. The chat history persists with that client, access is audit logged, and the system is designed to support professional review rather than replace regulated advice.

Yes. Admins and owners can send evidence reminder emails from the client record. The reminder uses the client's readiness and missing-evidence state, links back to the consent/document portal, and is written to the organisation audit trail.

Yes. The workspace includes consent receipts, organisation-scoped audit logs, and CSV audit export. Client packs can also be printed or downloaded as branded PDFs for meeting preparation and client files.

The existing professional referral system tracks NHS staff engagement with IFAs and accountants. Practice workspaces build on that direction by giving selected professional firms a branded, consent-based client workspace after a relationship exists. For IFAs, the branded consent portal and NHS-specific pension evidence workflow can support both client acquisition and ongoing review meetings.

Self-serve checkout starts with simple per-adviser seat pricing because it is easy to understand and keeps clients free. Larger firms can discuss client-band, fixed-practice, or partnership pricing if that better matches their commercial model.

When an organisation is closed, all active client consents are revoked in the same database transaction as the organisation soft-delete, and affected clients are notified by email. Your NHS clients keep their own accounts and their personal data. Organisation rows, memberships, and audit history are kept in soft-deleted form for audit integrity — not hard-deleted. Exact retention and erasure timelines for processor-held data are set out in our Privacy Policy and DPA; contact us if you need a bespoke schedule.

Partly today, by design where it matters professionally. Organisation plans include a firm subdomain plus logo and colours for client-facing adviser outputs — especially the Client Financial Pack (preview, print, and PDF), which carries your primary colour and (on-screen) your logo alongside your firm name. The public marketing homepage and broader product chrome stay NHS Financial Planner–branded; we focus firm identity on tangible client deliverables rather than replacing the entire site skin. Custom domains and branded transactional email senders are available with additional setup.