Security & Privacy FAQ
Common questions about how we protect your health information
Is my data encrypted?
Yes. All data transmitted between your device and our servers uses TLS 1.2 or higher encryption. Data stored in our database is encrypted at rest using AES-256 encryption, which is the industry standard for protecting sensitive information.
Where is my data stored?
Your data is stored in secure Australian data centers with multiple layers of protection. The database runs on a private network with no public IP address, meaning it's completely isolated from the internet and only accessible through our secure application layer. This architecture ensures your medical records can never be directly accessed from outside our system.
Do you back up my data?
Yes, we back up your data daily with 35 days of retention. Backups are encrypted and stored across multiple geographic locations for disaster recovery.
Who can access my records?
We log all access to patient records - who accessed it, when, and from where. These audit logs are kept for 7 years as required by Australian healthcare regulations.
Are my consultations secure?
Voice consultations are encrypted end-to-end. SMS is only used for verification codes - we never send medical information via text message.
How are payments handled?
Your credit card details never touch our servers - you enter them directly into a secure payment form that's PCI DSS compliant. We only receive confirmation that payment was successful.
Are doctors verified?
Yes. Every doctor on our platform has their AHPRA registration verified before they can access patient records.
Do you comply with Australian privacy laws?
Yes, we comply with the Australian Privacy Act 1988. All data is stored in Australia.
Have more questions?
If you have specific security questions, we're happy to answer them.