Our Approach
Our Privacy Principles
Our approach to trust, security and privacy is built around three key principles.
Transparency: We take a human approach to how we process your information and data by being open, honest and transparent
Security: We champion industry leading approaches to securing the personal data entrusted to us
Stewardship: We accept the responsibility that comes with possessing your data
Protected at Law & Reviewed by Lawyers
To show how serious we are about privacy, we have:
voluntarily ‘opted-in’ to be treated as an organisation for the purposes of the Privacy Act, and therefore are subject to the Australian Privacy Principles
had an end-to-end privacy review by independent and qualified lawyers, who have assessed our privacy framework, policy, procedures and infrastructure
This makes sense for us as we work with a number of Healthcare, Legal and Government clients and need to ensure that there is parity in standards when it comes to managing personal information.
Our People
We recruit based on alignment with our values. That means our people share our ethos, and our commitment to our clients and the broader community.
Nonetheless, all employees:
are required to adhere to our code of conduct
are required to sign our confidentiality and security agreement
are only granted data access rights based on their job function and role
are regularly trained and tested in privacy and confidentiality principles and best-practice
pass and maintain a clear national police check
hold a working with vulnerable people clearance (if required)
Our Systems
We have invested heavily to ensure that the systems we use are enterprise grade and industry leading when it comes to security and privacy.
This includes ensuring that:
our employees can only access your data
on company owned and/or managed devices;
if their password meets complexity requirements; and
if the device is encrypted; and
if the device is within Australia; and
if their physical security key is on their person
all of our systems are enterprise grade and use the latest in security best practice standards
all of our laptops and workstations are secured via full disk encryption and are centrally managed
we diligently apply updates to employee machines and monitor employee workstations for malware
we have the ability to apply critical patches and remote wipe a machine
we use multi-factor authentication (MFA)/ one-time passwords (OTP) technology to further secure access to our corporate infrastructure
we only use a limited number of hand-selected and evaluated technology partners who comply with Australian standard or equivalent privacy and security best-practice
Physical Security
Our office is secured via CCTV and keycard access which is logged, and visitors are recorded at our front desk.
Confidentiality & Non-Disclosure Agreements
We will be happy to consider your confidentiality agreement upon commencement, or if you don’t have one we can just use ours!