Security · Privacy · Compliance · Infrastructure

Trust Centre

Security, compliance, and infrastructure in one place — built for health service CTOs and security teams who need straight answers.

Explore by Topic

Encryption at rest and in transit, SSO, MFA, RBAC, audit logging, and security-by-design.

What we collect and do not collect, data subject rights under APPs and GDPR.

Privacy Act, all 13 APPs, NDB Scheme, GDPR where applicable.

Singapore (Render) for global default; AWS Sydney when Australian sovereignty is required.

Containers, CI/CD, dual-region deployment, secure updates without cutting corners.

Data: Workforce data only — no patient data, no payment data. Technically enforced.
Encryption: AES-256 at rest · TLS 1.2+ in transit · AWS KMS (Sydney)
Auth: SSO · Entra ID · Google · OIDC · MFA · RBAC
Regions: Singapore (Render) and AWS Sydney — both live. Choose your region.
Compliance: Privacy Act · APPs · NDB · GDPR (where applicable)
Certifications: Render: SOC 2 Type II, ISO 27001. AWS Sydney: SOC 2, ISO 27001, IRAP-assessed.

🔍

We state where data lives, what we process, and which certifications we — and our providers — hold.

📋

We build and operate to Australian and, where relevant, international standards. We do not overclaim certifications.

⚡

We ship quickly on modern infrastructure without compromising security controls or compliance obligations.

🗺️

Global default (Singapore, Render) and Australian hosting (AWS Sydney) so you can match your policy and risk appetite.

We can provide additional technical documentation as part of a formal procurement review.

Start a free trial, try the live demo, or book a guided walkthrough with our team.