When you visit any website, it may store information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device, and is mostly used to make the site work as you expect it to. It doesn't usually directly identify you, but it can give you a more personalised web experience.
Data security and privacy are critical for modern digital healthcare providers. At coreplus, we take this responsibility seriously. Our cloud-based practice management platform, trusted by over 25,000 allied health professionals across Australia, is powered by Amazon Web Services (AWS), giving you enterprise-grade security and reliability. coreplus ensures you can capture, store, and transmit health information in a secure, seamless and compliant way. We adhere to Australian health standards (like HL7, FHIR and CDA) and apply best-practice security measures such as encryption and access controls, all within a high-availability environment backed by AWS’s globally recognised compliance framework. In short, we help you practice digitally with confidence, knowing your clients’ privacy and your regulatory requirements are fully supported.
coreplus connects you to other healthcare professionals and referrers via secure messaging. You’ll join a connected digital health network where providers can safely look each other up and share client information in real time. Messages and e-referrals sent via coreplus are encrypted and compliant with healthcare data exchange standards (HL7, FHIR, CDA) as required by the Australian Digital Health Agency. This means you can communicate and collaborate without worrying about privacy breaches or incompatibilities, everything is handled in a seamless, secure, and standards-compliant system.
coreplus protects your data with 256-bit SSL encryption, using a certificate from Thawte, the same level trusted by banks. All data is encrypted both in transit and at rest using industry-standard protocols that align with AWS’s global compliance frameworks, including ISO 27001 and SOC 2. Role-based access controls ensure that only authorised team members can view sensitive information, so your client data stays secure, private and under your control at all times.
coreplus gives you built-in protection with multi-factor logins, access controls, audit trails and data masking to help prevent unauthorised access. Hosted securely on AWS, our platform is continuously monitored and updated to stay ahead of threats. The infrastructure is certified for ISO 27001, 27017 and 27018 and undergoes regular SOC 2 and SOC 3 audits, giving you confidence you're complying with your data processing and storage requirements. We don’t just tick boxes. We build coreplus with multiple layers of protection that align with global best practices.
coreplus is hosted on Amazon Web Services (AWS), the same high-security infrastructure trusted by banks, governments and the military. All data is processed, stored and backed up within Australia using AWS’s Sydney and Melbourne cloud regions. These data centres are protected with 24/7 on-site security, CCTV surveillance and strict multi-factor entry controls. Your information is stored securely and redundantly, with data replicated across multiple AWS availability zones to prevent loss from any single failure. We also maintain off-site backups for added protection.
Together, AWS’s resilient architecture and coreplus’s design deliver reliable performance, minimal downtime and world-class protection for your practice.
Healthcare data is valuable, and cyber incidents can happen. coreplus helps mitigate many risks, but it’s important to understand common threats.
A cyber security breach is any incident where someone gains unauthorised access to systems or data. For example, malware or a hacker might exploit a weakness to view confidential information. Such breaches typically occur when a cybercriminal bypasses security defenses. coreplus reduces this risk by using secure architecture and continuous monitoring, but staying vigilant is still key. We advise using strong passwords and our provided security features so that bypassing your defenses becomes extremely difficult for attackers.
Human error is one of the leading causes of security issues. In today’s busy and complex work environments, it’s easy for practitioners or staff to slip up, perhaps by reusing a simple password, clicking a suspicious link, or accidentally sharing information with the wrong person. Without secure, convenient solutions in place, people might take unsafe shortcuts (like writing down passwords or emailing data to themselves) which can lead to breaches. coreplus helps by providing user-friendly security measures (like single sign-on and multi-factor authentication) to minimize the burden on you and your team. However, staying alert and following best practices is important: with the right habits, the risk of an incident caused by human error goes way down.
A data breach is a security incident in which sensitive information is accessed or disclosed without permission. Data breaches can harm your business and your clients in serious ways – from financial costs and operational disruption to reputational damage and loss of trust. Recovering from a major breach can be time-consuming and costly. coreplus is designed to prevent breaches with its strong security controls. By using coreplus and following recommended security steps, you significantly reduce the likelihood of exposing patient data. In the unlikely event of a serious breach, coreplus will work with you to respond promptly in line with regulations (including Australia’s Notifiable Data Breaches scheme) to mitigate harm. Our goal is to help your practice avoid breaches entirely, so you can focus on care without worry.
coreplus supports multi-factor authentication (MFA), which adds a second layer of protection to your login. With MFA turned on, even if someone has your password, they can’t access your account without a verification code. We recommend enabling MFA for all users as a simple, powerful way to boost security.
Your practice needs to run smoothly every day. coreplus is hosted on Amazon Web Services (AWS) for dependable uptime, with built-in redundancy and regular system monitoring. If an issue arises, our team works quickly to resolve it so you can stay focused on client care, not tech hiccups.
coreplus helps you handle personal health information in line with Australian privacy laws. We only collect the data needed to deliver services, and we never share it without permission. You stay in control of your data, and we help you keep it secure and private.
coreplus is designed to help you meet the Australian Privacy Principles (APPs) and comply with the Privacy Act 1988. We support healthcare interoperability standards like HL7, FHIR and CDA, as recommended by the Australian Digital Health Agency. With built-in privacy and data protections, coreplus helps you meet your legal responsibilities while managing your practice efficiently.
Healthcare remains the most targeted sector for data breaches in Australia. Between July and December 2024, the Office of the Australian Information Commissioner (OAIC) received 595 data breach notifications, with the health sector accounting for around 20% of all reported breaches. This was more than any other industry, including finance. Cybercriminals continue to target valuable information like medical histories, Medicare numbers and payment details, making even smaller practices potential targets. That’s why coreplus prioritises security, combining built-in safeguards with AWS infrastructure to help protect your data and your patients.
The Australian Privacy Principles (APPs) guide how organisations like healthcare providers must collect, use and manage personal information. There are 13 principles under the Privacy Act 1988, covering everything from consent and security to access and correction. coreplus is built to help you meet these obligations with ease.
coreplus maintains an up-to-date Privacy Policy that outlines how we collect, store and protect personal information. We recommend sharing it with clients who have questions about privacy. Transparency is part of how we support your practice.
We take reasonable steps to protect data from loss, misuse or unauthorised access. Your data is stored in AWS’s secure Australian cloud infrastructure, protected by strong encryption and role-based access controls. Our security practices are reviewed regularly to ensure ongoing compliance.
coreplus only uses personal information to deliver our services and gives you full control over who in your team can access what data. We do not share your client information with third parties unless required by law or authorised by you. Since all data is hosted in Australia, there is no unauthorised overseas disclosure. This helps you meet your cross-border data responsibilities under APP 8.
.svg){kind=icon}
When clients need access to their records or request updates, coreplus makes it simple. You can securely retrieve and export client data or make corrections directly within the platform, supporting your responsibilities under the APPs.
coreplus is designed with privacy at its core, not just to tick a compliance box but to support ethical healthcare delivery. We stay up to date with privacy law changes so your practice stays compliant without extra effort.
.webp){kind=logo}
.png)
