Docca Safety & Security Policy

At Docca, we are committed to protecting the safety, security, and privacy of the healthcare providers and organisations we serve. Our platform is built to meet stringent regulatory standards across multiple jurisdictions, supporting the critical work our partners deliver in Australia and internationally.

Data Hosting and Residency

Docca stores customer data securely in-region, with Australian data hosted onshore within Australia. We partner with trusted, compliant cloud infrastructure providers to ensure data residency in accordance with local regulations where applicable.

Information Security Management

Docca’s internal security framework aligns with globally recognised standards, including ISO 27001 principles. Key measures include:

  • Strict access controls and role-based permissions
  • Encryption of data at rest and in transit
  • Regular internal security reviews and vulnerability assessments

We are actively preparing for formal certification, including ISO 27001 and SOC 2 audits, as part of our production security programme.

Privacy and Regulatory Compliance

Docca is designed to align with major data protection frameworks, including:

  • The Privacy Act 1988 (Cth) (Australia)
  • GDPR (General Data Protection Regulation) (European Union)
  • HIPAA (Health Insurance Portability and Accountability Act) (United States), where relevant to customer operations

We focus on the protection of Personal Information (PI), Sensitive Personal Information (SPI), and Protected Health Information (PHI) according to the requirements of each jurisdiction.

Tenant and Data Isolation

During beta, Docca operates with logical data separation and strict access controls to prevent unauthorised cross-tenancy access. We are advancing to enhanced tenant isolation, including separated schemas and optional dedicated databases with end-to-end encryption for enterprise customers.

Security Certifications and Testing

Docca’s hosting infrastructure partner, Fly.io, maintains SOC 2 Type 2 and ISO 27001 certifications. Those certifications cover the hosting infrastructure, not the Docca application itself, so Docca is independently advancing its own security and compliance programme, including external penetration testing and formal audits, to ensure robust protections for all clients.

Commitment to Continuous Improvement

Docca is committed to the ongoing enhancement of our safety, security, and compliance frameworks. We proactively monitor developments across healthcare, data protection, and cybersecurity standards to ensure our platform remains a trusted, future-ready partner for healthcare providers globally.

Changes To This Policy

This policy is effective as of 29/04/2025 and will remain in effect until it is revised. Any changes to its provisions take effect immediately once they are posted on this page.

We reserve the right to update or change this policy at any time, and you should check it periodically. If we make any material changes, we will notify you either through the email address you have provided us or by placing a prominent notice on our website.

Contact Information

For any questions or concerns regarding this policy, please email us at support@docca.io.