Trust Centre
    Security and Compliance

    Built for the most vulnerable. Secured to the highest standard.

    careplans ai delivers AI voice companions designed for vulnerable populations across aged care, disability, postnatal care, and beyond. Trust is not optional. This page details our security posture, data handling practices, regulatory alignment, and vendor certifications.

    Full control assessments
    Our complete control-by-control responses to the Essential Eight, ISO 27001:2022, and NIST CSF 2.0.
    View assessments (passcode required)

    Vendor Infrastructure

    Our platform is built on enterprise-grade infrastructure providers, each independently certified to the highest security standards.

    Anthropic
    AI language model (Claude API) and independent safety layer (Claude Haiku)
    SOC 2 Type II
    Hume AI
    Voice AI interface (EVI 4)
    SOC 2 Type IIEnterprise, no training
    Supabase
    Database and authentication
    SOC 2 Type II
    Twilio
    Telecommunications and voice
    SOC 2 Type IIISO 27001
    Vercel
    Application hosting and deployment
    SOC 2 Type II

    Data Handling

    How we store, process, and protect data across the platform.

    Encryption
    AES-256 encryption at rest. TLS 1.2+ encryption in transit across all connections.
    Data Residency
    Primary infrastructure (database, hosting, telephony) operates in Australian regions. AI inference providers (Anthropic, Hume) may process under enterprise zero-retention terms outside Australia; see DPA Schedule A for the per-vendor breakdown.
    Access Control
    Role-based access controls (RBAC) with row-level security enforced at the database layer via Supabase. Administrative and infrastructure access (database, hosting, source control, email) is protected by multi-factor authentication. Platform multi-factor authentication is available, with enforcement rollout to staff and end users in progress.
    AI Model Training
    Conversation data is never used to train AI models. All AI providers (Anthropic, Hume) are configured with zero-retention or equivalent enterprise data processing agreements.
    Audit Logging
    All voice companion interactions are logged with timestamps, conversation metadata, and compliance markers. Full audit trail available to providers.
    Independent Safety Layer
    A secondary AI model (Claude Haiku via Anthropic, internally referred to as "Trailing Stop") evaluates voice interactions in near-real time for off-topic drift, medical advice, prompt leakage, inappropriate content, and emotional manipulation, a redundant layer beyond the primary persona.
    Dependency and Supply Chain Scanning
    Application dependencies are scanned continuously against the GitHub Advisory Database via GitHub Dependabot, with automated remediation pull requests. Vulnerabilities assessed as critical are prioritised under a documented patch and vulnerability management policy.
    Endpoint Hardening
    Administrative workstations run with Memory Integrity, Local Security Authority protection, Microsoft's vulnerable-driver blocklist, and Attack Surface Reduction rules enabled. Office macros are disabled by policy and legacy components removed. No customer data is stored on endpoints.

    Supported Regulatory Frameworks

    careplans ai is designed to operate within and generate evidence for the following regulatory frameworks.

    Aged Care Act 2024
    Strengthened Aged Care Quality Standards (ACQS 2025). Evidence generation mapped across all seven standards with emphasis on person-centred care, dignity, and consumer engagement.
    Active
    NDIS Practice Standards
    Voice companion support for NDIS participants aligned with practice standards and the July 2026 NDIS reforms. Goal tracking and wellbeing monitoring built in.
    Active
    Australian Privacy Principles
    Full compliance with the Privacy Act 1988 and Australian Privacy Principles (APPs). Data collection limited to what is necessary, with transparent consent and access rights.
    Active

    Voice Companion Safety Protocols

    Purpose-built protocols governing how our AI voice companions interact with vulnerable populations.

    2.16Contentious Topics Management
    2.17Empathetic Response Framework
    2.18Red Flag Identification and Escalation
    2.19Persona Continuity and Consistency

    Security Testing

    Independent security assessments and our certification roadmap.

    Vendor SOC 2 Alignment
    All infrastructure vendors independently SOC 2 Type II certified
    Complete
    Safety Protocol Suite (2.16 to 2.19)
    Vulnerable population interaction protocols developed and accepted
    Complete
    Essential Eight Self-Assessment
    Control-by-control self-assessment against the ACSC Essential Eight across all eight mitigation strategies
    Complete
    NIST CSF 2.0 Self-Assessment
    Self-assessment across all six functions of the NIST Cybersecurity Framework 2.0
    Complete
    ISO 27001:2022 Control Mapping
    Controls mapped and self-assessed against ISO 27001:2022 Annex A
    Complete
    Bitsight Trust Hub Assessment
    Essential Eight questionnaire completed control-by-control (all 149 controls) in Bitsight Trust Hub for enterprise customer vendor review
    Complete
    Penetration Testing
    Grey box assessment scoped across web application, API, and voice infrastructure; vendor selection in progress
    Target Q3 2026
    SOC 2 Type II (Independent)
    Platform-level SOC 2 Type II certification
    Target H2 2026
    ISO 27001
    Information security management certification for international expansion
    Target 2027

    Frequently Asked Questions

    Quick answers to the questions security and compliance reviewers most often ask.

    Will resident, family, or carer data be used to train AI models?+
    No. All AI providers in our production stack operate under enterprise terms with no-training-by-default. We do not train our own models on customer data; our AI providers (Anthropic, Hume) contractually undertake not to use customer input data to train their underlying models without our explicit opt-in.
    Where is data stored and processed?+
    Primary infrastructure — database (Supabase), hosting (Vercel), and telephony (Twilio) — operates in Australian regions. AI inference providers (Anthropic, Hume) may process data outside Australia under enterprise zero-retention terms. Per-vendor processing regions are detailed in our Subprocessor Schedule, available on request.
    Who can access our organisation's data?+
    Access is enforced at the database layer through Row-Level Security (RLS) policies scoped to facility, organisation, and tenant. Internal Careplan AI personnel access is restricted under documented support and incident-response workflows. Customer admins are provisioned by Careplan AI per the customer's nominated user list.
    How do you handle an AI safety failure during a call?+
    Every voice companion turn is independently evaluated by a secondary model (Claude Haiku via Anthropic, internally referred to as "Trailing Stop") against rules covering medical advice, prompt leakage, inappropriate content, off-topic drift, and emotional manipulation. Flagged turns generate a clinical alert routed to your on-call workflow. Persona-level guardrails in the primary prompt are the first defence; the Trailing Stop is the second.
    Can you sign a Data Processing Agreement?+
    Yes. A DPA aligned with the Australian Privacy Principles and your procurement framework is available under the Detailed Security Documentation section below. Our DPA template is currently under legal review with Hall & Wilcox.
    What is your incident notification SLA?+
    We will notify your nominated security contact within 24 hours of confirming an Eligible Data Breach. We commit to OAIC notification within 72 hours of becoming aware, per the Privacy Act 1988, and voluntarily report significant cyber security incidents to the Australian Signals Directorate via ReportCyber. Our full Notifiable Data Breach Response Plan, including containment, evidence preservation, and post-incident review, is available under NDA.
    Are voice conversations recorded? How long are recordings retained?+
    Yes — voice interactions are captured for clinical-safety, quality-improvement, and audit purposes, with consent obtained as part of customer onboarding. Default retention is 90 days unless extended by written agreement with the customer. Customers may request deletion of specific recordings or all recordings on offboarding.

    Detailed Security Documentation

    The following audit-grade artefacts are available to qualified customers and security reviewers under a mutual non-disclosure agreement.

    Information Security Policy
    Access control, cryptography, network security, AI safety, vendor management, logging, and policy governance.
    Under NDA
    Notifiable Data Breach Response Plan
    OAIC 72-hour notification commitment, internal triggers, response phases, contact tree, and post-incident review.
    Under NDA
    Business Continuity Plan
    Recovery objectives (RTO 4hr, RPO 1hr), provider-specific runbooks for outage scenarios, and personnel continuity arrangements.
    Under NDA
    Disaster Recovery Restore Test Runbook
    Step-by-step database restore and recovery verification procedure used to test recovery objectives.
    Under NDA
    Patch and Vulnerability Management Policy
    Detection, severity classification, and remediation timeframes including a 48-hour critical patch commitment, across platform, application, and dependency layers.
    Under NDA
    MFA Implementation and Rollout Plan
    Multi-factor authentication design and staged rollout: enforced for administrative access, with TOTP and SMS options for staff and end users.
    Under NDA
    Risk Management Strategy
    Information security risk identification, assessment, treatment, and review approach proportionate to the operating model.
    Under NDA
    Subprocessor Schedule
    DPA-attachable list of subprocessors with data categories, processing regions, training opt-out status, and certification evidence.
    Under NDA
    CAIQ-Lite Pre-fill
    Pre-emptive answers to the Cloud Security Alliance vendor questionnaire across all standard control areas.
    Under NDA
    Vendor SOC 2 Type II Reports
    Independent reports from Anthropic, Hume AI, Supabase, Twilio, and Vercel available under each vendor's NDA terms; Twilio also holds ISO 27001.
    Under NDA
    Data Processing Agreement
    DPA aligned with the Australian Privacy Principles and the customer's procurement framework, currently under legal review.
    Under NDA
    Cyber Insurance Certificate of Currency
    Current Certificate of Currency from our insurer, available on request.
    Under NDA

    Updates

    Recent changes to our security posture, documentation, and infrastructure.

    Bitsight Trust Hub assessment completed
    Essential Eight control-by-control questionnaire (149 controls) completed in Bitsight Trust Hub for enterprise customer vendor review. ISO 27001:2022 responses in progress in-platform.
    12 June 2026
    Security frameworks self-assessed
    Control-by-control self-assessments completed against the ACSC Essential Eight, NIST CSF 2.0 (all six functions), and ISO 27001:2022 Annex A. Available to reviewers on request.
    7 June 2026
    Workstation and endpoint hardening
    Memory Integrity, Local Security Authority protection, Microsoft's vulnerable-driver blocklist, and Attack Surface Reduction rules enabled and verified. Office macros disabled by policy and PowerShell 2.0 removed.
    5 June 2026
    Patch and MFA policies published
    Patch and Vulnerability Management Policy (48-hour critical commitment) and MFA Implementation and Rollout Plan added to the documentation pack. Incident Response Plan updated to v1.1 with voluntary ASD ReportCyber reporting and evidence-preservation procedures.
    4 June 2026
    Automated dependency scanning enabled
    GitHub Dependabot enabled across all application repositories, scanning dependencies continuously against the GitHub Advisory Database with automated security update pull requests.
    3 June 2026
    Trust Centre refresh — v1.1
    Trailing Stop model attribution corrected (Claude Haiku via Anthropic). Data residency wording refined to reflect AI provider processing regions. Detailed Security Documentation section added.
    12 May 2026
    Security Pack v1.0 drafted
    Information Security Policy, Notifiable Data Breach Response Plan, Business Continuity Plan, Subprocessor Schedule, and CAIQ-Lite Pre-fill drafted and available under NDA.
    12 May 2026
    Production security hardening
    PII redaction before AI inference, SSRF prevention on outbound URL fetches, and CORS origin allowlist (replacing wildcards) shipped across all production environments.
    1 April 2026
    Trust Centre launched
    Initial public trust centre covering vendor infrastructure, data handling, regulatory frameworks, voice safety protocols, and certification roadmap.
    April 2026

    Request the Security Pack

    If you are evaluating careplans ai for your organisation and require the documentation listed above, we will provide it under a mutual non-disclosure agreement. Typical turnaround is two business days.

    View control assessments (passcode required)
    CareplanAI Pty Ltd (ABN 92 691 158 237)
    We use a small set of cookies to keep you signed in and to understand usage. See our Privacy Policy.