aurii
Security

Hospital-grade by default. Not a feature flag.

aurii is built to host clinical data for Australian private-hospital specialists. The posture below is the default for every tenant, Solo and Hospital alike.

CH 01 · DATA
AU
Resident in Australia East
Backups in Australia Southeast (Melbourne).
CH 02 · KEYS
CMK
Per-class keys
Customer-managed keys via Azure Key Vault. Rotatable.
CH 03 · AUDIT
7 yr
Append-only
Hash-chained note versions. Tampering detectable.
CH 04 · REG
IIa
TGA pathway
In flight for aurii.ai modules. Validation cohort active.
Posture 01 / 06 Data residency

Australia, in both copies.

  • 01 Production data lives in Microsoft Azure Australia East (Sydney).
  • 02 Backups land in Australia Southeast (Melbourne).
  • 03 No transit through US or EU regions for clinical data.
  • 04 Sub-processors that touch clinical data are configured for AU or AU/EU routing.
Posture 02 / 06 Encryption

Customer-managed keys per data class.

  • 01 Three CMKs in Azure Key Vault: clinical, audio, audit.
  • 02 Each data class encrypts under its own key, rotatable independently.
  • 03 Encryption in transit on every network hop, including internal service-to-service.
  • 04 TLS 1.2+ enforced. HSTS preload on web surfaces.
Posture 03 / 06 Identity + access

Email plus TOTP. WebAuthn for biometric.

  • 01 Email and password plus TOTP MFA mandatory for every clinical user.
  • 02 WebAuthn biometric enrolment on supported devices for low-friction resume.
  • 03 Cross-tenant access is blocked at the database row level and is auditable.
  • 04 Application role lacks UPDATE / DELETE on the audit and TGA-audit tables.
Posture 04 / 06 Audit + record integrity

Append-only. Hash-chained. Seven-year retention.

  • 01 Every clinical write produces an audit log entry. Append-only at the database level.
  • 02 Note versions are hash-chained. Tampering between versions is detectable.
  • 03 Retention 7 years, the conservative reading of AHPRA and state record-keeping standards.
  • 04 Audit data is exportable on tenant request, encrypted in transit.
Posture 05 / 06 Regulatory posture

TGA Class IIa pathway. APP compliance. OAIC NDB.

  • 01 TGA Class IIa registration in flight for aurii.ai modules. Module 16 runs only on the validation cohort until registration is live.
  • 02 Australian Privacy Principles compliance. OAIC notifiable-breach reporting within 30 days.
  • 03 Quality management system scaffolded under ISO 14971 (risk) and IEC 62304 (software lifecycle).
  • 04 Records cooperate with TGA, AHPRA, and OAIC lawful access. Affected tenants notified where lawful.
Posture 06 / 06 Operational security

Lock the deploy path. Lock the on-call path.

  • 01 GitHub Actions deploy via Azure workload-identity-federation. No long-lived secrets.
  • 02 Bicep IaC under what-if review. Production changes are reviewed before they ship.
  • 03 On-call access uses just-in-time elevation with audit trail.
  • 04 Penetration test scheduled before pilot launch. Annual cadence after.
Sub-processors

The third parties that touch tenant data.

Each sub-processor operates under a written agreement with a defined data scope. The aurii.ai is the platform brand for clinical decision-support inference; the underlying provider sits in this list.

aurii sub-processor list. Sub-processor name, purpose, data scope, and processing region.
Sub-processor Purpose Data scope Region
Microsoft Azure Application + database + storage hosting All clinical, account, audio, audit data Australia East (Sydney), Australia Southeast (Melbourne) for backups
AssemblyAI Voice transcription (dictation + ambient capture) Audio + transcript text AU / EU routing
Anthropic Clinical decision-support inference (aurii.ai) De-identified note context + structured prompts AU / EU routing
Stripe Subscription billing (Solo Checkout, Hospital Invoice) Customer + billing metadata. No clinical data. AU entity
SendGrid Transactional email (sign-in, billing, notifications) Email address + message content Region-controlled mail relay
Medical Objects Secure clinical messaging gateway (Module 08 letters + Module 13 pathology) Discharge letters, pathology summaries, recipient HPI-O Australia
Azure AI Document Intelligence OCR for hospital labels, chart front pages, medication charts (Module 02) Page image at capture time. Extracted fields persist; raw image dropped. Australia East
Cloudflare Edge TLS termination, DNS, caching for marketing surface Public marketing assets only. No PHI passes through. Global edge

IT review documents available on request

Hospital reviewers receive the full security questionnaire, network diagram, and DPA on request to security@aurii.com.au. We turn around inside one business day.

Bring this to your IT review.

Detailed security questionnaire, network diagram, and DPA available on request.

Email security All channels