1. Introduction
MEDsort Pty Ltd (“MEDsort”, “we”, “us”, or “our”) provides an AI-powered medical document workflow automation platform for healthcare practices across Australia. Given the sensitive nature of health information processed through our Service, we maintain the highest standards for data storage, handling, and security.
This Data Storage Policy outlines where and how your data is stored, processed, and protected. It should be read in conjunction with our Privacy Policy, which explains the types of information we collect and how we use it.
We recognise that medical practices entrust us with highly sensitive patient health information. This policy reflects our commitment to maintaining that trust through transparent, robust, and Australian-based data management practices.
2. No Patient Data Storage
MEDsort does not store patient data.
All patient health information remains in your practice management system. MEDsort acts as a secure processing pipeline: documents are read from your email, processed using Australian-hosted AI, and routed to the appropriate destination. Only operational metadata (processing status, audit logs, and practice settings) is stored in our managed database.
3. Our Commitment to Australian Data Sovereignty
All data processed by MEDsort is handled exclusively within Australia. We do not transfer or process data in any jurisdiction outside of Australia. As described in Section 2, MEDsort does not persistently store patient health information — it remains in your practice management system.
This commitment means:
- All infrastructure, databases, and storage systems are hosted in Australian data centres
- All backup infrastructure is located within Australia
- All AI and document processing occurs on infrastructure located within Australia
- No data is transmitted to overseas servers, even temporarily, for processing, analytics, or any other purpose
- All third-party service providers are contractually required to process data exclusively within Australian territory
This approach ensures that your data remains under Australian jurisdiction at all times, subject to Australian privacy law including the Privacy Act 1988 (Cth), and is not exposed to foreign government access requests or surveillance regimes.
4. Storage Infrastructure
4.1 Data Centre Location
Single-region deployment in Sydney, Australia (australia-southeast1). All application infrastructure and data processing occurs within this region.
4.2 Data Centre Standards
Our infrastructure provider (Google Cloud Platform) maintains ISO 27001, SOC 2 Type II, and other industry certifications. MEDsort's infrastructure runs exclusively on Google Cloud in Australia. Google Cloud's Australian data centres also maintain:
- Physical security including 24/7 monitoring, biometric access controls, and multi-layer perimeter security
- Redundant power supplies with uninterruptible power systems (UPS) and diesel generator backup
- Redundant cooling and fire suppression systems
- Redundant network connectivity with multiple tier-1 carriers
4.3 Database Architecture
MEDsort uses a managed PostgreSQL database (Cloud SQL) with daily automated backups retained for 7 days. It runs as a single zonal instance with automatic storage scaling.
MEDsort does not store patient data in its database — only operational metadata such as processing status, audit logs, and practice settings. Database connections use encryption for all communications.
5. Data Processing Locations
All data processing — including application logic, API requests, background jobs, and scheduled tasks — occurs on compute infrastructure located within Australia.
5.1 Application Processing
Our web application and API servers run on Australian-based compute instances (Google Cloud Run). User requests are routed through Australian-based load balancers and never leave the country for processing.
5.2 Document Processing
Document processing in MEDsort is transient. When medical documents (PDFs, emails, attachments) are processed:
- Documents are read from your connected email account
- Content is passed through our Australian-hosted AI infrastructure for extraction (see Section 6)
- Extracted data is presented to the user for review and routing to the practice management system
- Patient data passes through for AI extraction and routing but is not persisted in MEDsort's database
At no point during the processing lifecycle does document data leave Australian jurisdiction.
5.3 Analytics and Logging
Application logs, error tracking, and performance monitoring data are processed and stored within Australian infrastructure. Any analytics data used for service improvement is aggregated and de-identified before processing.
6. AI and Document Processing
MEDsort uses artificial intelligence to extract structured information from medical documents. Given the sensitivity of health information, we have implemented strict controls around AI processing.
6.1 Australian-Based AI Infrastructure
All AI processing of medical documents occurs exclusively on infrastructure hosted within Australia. We utilise AI model deployments that are hosted in Australian data centres, ensuring that document content — including patient names, health identifiers, test results, and clinical findings — is never transmitted outside of Australia for processing.
6.2 Processing Lifecycle
When a document is submitted for AI processing:
- The document content is transmitted over encrypted channels to our Australian-hosted AI processing infrastructure
- The AI model analyses the document and extracts structured data including patient details, test types, results, and clinical notes
- Extracted data is returned to our application servers (also hosted in Australia) and presented to the user for review
- Document content is not retained by the AI processing infrastructure after the extraction is complete
6.3 Model Training and Data Isolation
Customer data is not used to train, fine-tune, or improve general-purpose AI models. Each document processing request is treated as an isolated transaction. We do not aggregate patient data across practices for model training purposes.
6.4 AI Provider Requirements
Any third-party AI provider we engage is contractually required to:
- Process data exclusively within Australian-based infrastructure
- Not retain, log, or store document content after processing
- Not use customer data for model training or improvement
- Maintain security certifications equivalent to or exceeding our own standards
- Undergo regular security assessments and provide audit reports
7. Encryption and Security
7.1 Encryption in Transit
All data transmitted between your browser and our servers, and between our internal services, is encrypted using TLS 1.2 or higher. We enforce HTTPS on all endpoints and employ HTTP Strict Transport Security (HSTS) to prevent downgrade attacks.
7.2 Encryption at Rest
All stored data is encrypted at rest using AES-256 encryption, including:
- Database contents (operational metadata, user accounts, practice settings)
- Database backups
- Application logs and audit trails
7.3 Key Management
Encryption keys are managed through a dedicated key management service hosted within Australian infrastructure. Keys are rotated regularly, and access to key management operations is restricted to a minimal set of authorised personnel with appropriate audit logging.
7.4 Network Security
- Cloud Armor web application firewall (WAF) protection against common attack vectors
- DDoS mitigation through Google Cloud global load balancing
- Cloud Armor security rules restricting traffic to required patterns and protocols
8. Access Controls
8.1 Customer Access
Access to data within the MEDsort platform is governed by role-based access controls (RBAC). Available roles include:
- Administrator — Full access to practice settings, integrations, and all platform features
- Member — Access to document inbox, processing workflows, and dashboard
User authentication is handled via Microsoft Entra ID single sign-on (SSO), which supports multi-factor authentication (MFA) enforced at the identity provider level.
8.2 MEDsort Staff Access
Access to production systems and customer data by MEDsort personnel is strictly controlled:
- Production access is limited to senior engineering and operations staff on a need-to-access basis
- All production access requires MFA and is performed through audited access management systems
- Access sessions are time-limited and automatically revoked
- All access to customer data is logged with audit trails including the actor, timestamp, and action performed
- Staff undergo background checks and sign confidentiality agreements before being granted any access
8.3 Third-Party Access
No third-party vendor is granted standing access to customer data. Where temporary access is required for support or maintenance purposes, it is granted on a time-limited, least-privilege basis with full audit logging and customer notification where applicable.
9. Backups and Redundancy
9.1 Backup Strategy
We take daily automated backups, retained for 7 days. Backup restoration procedures are documented and tested periodically.
9.2 Backup Location
Backups are managed by Google Cloud SQL within the australia-southeast1 region.
9.3 Recovery Testing
Backup restoration procedures are documented. We conduct periodic verification of backup integrity and restorability.
10. Data Retention and Deletion
MEDsort does not store patient data. Patient information remains in your practice management system. MEDsort only retains operational data as described below.
10.1 Retention Periods
- Operational metadata — Processing logs, audit events, and practice settings are retained for the duration of your subscription
- User account data — Retained for the duration of your subscription
- Billing records — Retained for 7 years in accordance with Australian Taxation Office requirements
10.2 Account Termination
Upon termination of your subscription, we follow a structured data deletion process:
- A 30-day grace period during which your data remains accessible for export
- After the grace period, all customer data is scheduled for secure deletion
- Data is securely deleted from primary storage within 60 days of the grace period ending
- Backup copies are purged as they naturally expire through the backup rotation cycle (maximum 7 days)
10.3 Secure Deletion
When data is deleted, we employ cryptographic erasure and secure deletion methods that render the data unrecoverable. Deletion events are logged for compliance and audit purposes.
10.4 Data Export
You may request an export of your operational data at any time during your active subscription. Exports are provided in standard, machine-readable formats (CSV, JSON) and include audit logs and account settings associated with your account.
11. Incident Response
11.1 Security Incident Handling
We maintain a documented incident response plan and respond to security events promptly. Our plan covers identification, containment, eradication, recovery, and post-incident analysis. Customers are notified of relevant incidents in accordance with the Notifiable Data Breaches scheme.
11.2 Breach Notification
In the event of a data breach that is likely to result in serious harm, we will:
- Notify the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches scheme (Part IIIC of the Privacy Act)
- Notify affected customers and individuals as soon as practicable, and no later than 30 days after becoming aware of the breach
- Provide clear information about what data was affected, the likely consequences, and the steps we are taking in response
- Offer guidance to affected individuals on protective measures they can take
11.3 Vulnerability Management
We conduct regular vulnerability assessments and penetration testing of our infrastructure and application. Critical vulnerabilities are patched within 24 hours of identification, and high-severity vulnerabilities within 72 hours.
12. Compliance and Standards
MEDsort's data storage and handling practices are designed to meet or exceed the following standards and regulatory requirements:
- Privacy Act 1988 (Cth) — Including the Australian Privacy Principles (APPs) and the Notifiable Data Breaches scheme
- My Health Records Act 2012 — Where applicable to the handling of My Health Record information
- State and territory health records legislation — Including the Health Records Act 2001 (VIC) and the Health Records and Information Privacy Act 2002 (NSW)
- Australian Signals Directorate Essential Eight — We align our security controls with the ASD Essential Eight framework
- OWASP Top 10 — Our application development practices address the OWASP Top 10 web application security risks
We engage independent auditors to periodically assess our compliance with these standards and are committed to transparency in our security and compliance posture.
13. Changes to This Policy
We may update this Data Storage Policy from time to time to reflect changes in our infrastructure, technology, security practices, or regulatory requirements. When we make material changes, we will:
- Update the “Last updated” date at the top of this page
- Notify registered users via email or through an in-app notification
- Provide at least 30 days' notice before any change that would alter the geographic location of data storage or processing
We are committed to maintaining Australian-based data storage and processing. Any change to this commitment would require explicit opt-in consent from affected customers.
14. Contact Us
If you have questions about this Data Storage Policy, our security practices, or wish to request information about where your data is stored, please contact us:
Security & Privacy Team
MEDsort Pty Ltd
security@medsort.com.au
Privacy Officer
privacy@medsort.com.au
Post
Security & Privacy Team
MEDsort Pty Ltd
Beaumaris VIC 3193
For our full privacy practices including information collection, use, and your rights, please refer to our Privacy Policy.