Security & privacy
NDIScribe handles participant clinical documentation. We treat that as the most sensitive data we touch.
- Australian data residency. Production data for Australian customers is stored and processed in Australian regions.
- Encrypted in transit and at rest. All traffic uses TLS, and stored data is encrypted with managed keys.
- De-identification before AI. Participant and worker names, NDIS numbers, phone numbers, emails and date-like identifiers are tokenised before any note reaches a model. Those token maps are request-scoped and are not persisted.
- Multi-tenant isolation. Every request is bound to your organisation and every data query is scoped to it, so one provider can never read another's data.
- Least-privilege access. Access to production is restricted, logged, and granted only when needed to operate the service.
- Owner privacy controls. Organisation owners can export a copy of their data, or permanently delete the organisation, at any time from Settings.
- Audit trail. Regulated AI actions, exports and key data writes append tenant audit events. We do not claim SOC 2 or hash-chained logs until independently audited.
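A sketch of the request-scoped tokenisation described in the de-identification item above, as an added example and not NDIScribe's own code. The regexes (including a 9-digit NDIS number and an Australian mobile format), the token format, the `known_names` input and the `restore` step are assumptions; the sample note is constructed.

```python
import re

# Assumed patterns for illustration; a real service would tune these.
PATTERNS = [
    ("EMAIL", re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")),
    ("DATE", re.compile(r"\b\d{1,2}/\d{1,2}/\d{2,4}\b")),
    ("PHONE", re.compile(r"(?<!\d)(?:\+61 ?|0)4\d{2} ?\d{3} ?\d{3}(?!\d)")),
    ("NDIS", re.compile(r"(?<!\d)\d{9}(?!\d)")),  # assumed 9-digit format
]

class RequestTokeniser:
    """Token map lives only as long as this object (one request); nothing is stored."""
    def __init__(self, known_names=()):
        # Names are supplied by the caller; longest first so a full name wins over a first name.
        names = sorted(known_names, key=len, reverse=True)
        self._rules = PATTERNS + [
            ("NAME", re.compile(r"\b" + re.escape(n) + r"\b", re.I)) for n in names
        ]
        self._forward = {}  # (kind, lowercased value) -> token
        self._reverse = {}  # token -> original value

    def _token(self, kind, value):
        key = (kind, value.lower())
        if key not in self._forward:  # same identifier always maps to the same token
            token = f"[{kind}_{len(self._forward) + 1}]"
            self._forward[key] = token
            self._reverse[token] = value
        return self._forward[key]

    def tokenise(self, text):
        """Return the text that is safe to send to the model."""
        for kind, rx in self._rules:
            text = rx.sub(lambda m, k=kind: self._token(k, m.group(0)), text)
        return text

    def restore(self, text):
        """Put the originals back into the model's output, within the same request."""
        for token, value in self._reverse.items():
            text = text.replace(token, value)
        return text

# Constructed sample note, not real participant data.
SAMPLE_NOTE = ("Priya Nair (NDIS 430123456) called from 0412 345 678 on 14/03/2024; "
               "Priya asked worker Tom Reid to email priya.nair@example.org.")

if __name__ == "__main__":
    t = RequestTokeniser(known_names=["Priya Nair", "Priya", "Tom Reid"])
    safe = t.tokenise(SAMPLE_NOTE)
    print(safe, t.restore(safe) == SAMPLE_NOTE)
```

A tokeniser created for a different request has an empty map, so tokens from this request cannot be resolved there.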
Subprocessors
We rely on a small set of vetted infrastructure and service providers to run NDIScribe. A current list of subprocessors, with the purpose of each, is provided as part of our Data Processing Agreement and is available on request.
DPA: view terms. Privacy: view policy. Security questions: mitsi@ndiscribe.com.