Security, privacy & accountability

Imaging systems hold deeply sensitive clinical data. We treat confidentiality, integrity, and availability as engineering requirements tied to the Australian Privacy Principles and healthcare sector expectations—not as a policy PDF layered onto a consumer-grade product.

Identity, authorisation, and least privilege

Standing privilege is a liability. Role design should reflect real job functions, with break-glass pathways that are rare, time-bounded, and auditable. Session behaviour on shared workstations and mobile endpoints must be predictable enough for clinical staff to comply without friction—and strict enough for your privacy office to defend.

We emphasise separation of duties for administrative actions that can change clinical visibility: template edits, integration mappings, and bulk exports should not be single-click operations without appropriate approvals and logging.

Detecting and responding to threats as continuity risk

Cyber events are clinical continuity events. Imaging departments need rehearsed degraded modes, clear ownership for decision-making during partial outages, and communication templates that keep referrers informed without leaking sensitive detail. Our security conversations start from those realities rather than from abstract “zero trust” slogans.

Logging and monitoring should answer forensic questions without drowning operators in noise: who accessed a study, from which device context, and which administrative action changed permissions? Retention of logs must align with your organisational policy and lawful requirements.

Privacy by design in product behaviour

Data minimisation is not only about storage; it is about what appears on screen by default, what can be exported, and how long derived artefacts persist. We work with customers to align product configuration to local policy, including state-specific nuances where they affect imaging distribution and referrer access.

Accountability also means honest disclosure when things go wrong. Incident response playbooks should connect vendor actions, customer communications, and regulator obligations—without marketing deflection language that wastes the first critical hours.
