Security & Compliance

Your data security is our priority

Medilee is built with enterprise-grade security from the ground up. We protect sensitive medical and legal information with industry-leading practices.

Data Protection

  • AES-256 encryption for all data at rest
  • TLS 1.3 encryption for all data in transit
  • Principle of least privilege for data access
  • Regular security audits and penetration testing
  • Australian-hosted data centres

Access Controls

  • SSO-ready with SAML and OIDC support
  • Role-based access control (RBAC)
  • Multi-factor authentication (MFA)
  • Session management and timeout policies
  • IP allowlisting for enterprise accounts

Auditability

  • Comprehensive audit logging
  • User activity tracking and reporting
  • Document access history
  • Real-time security monitoring
  • Incident detection and alerting

Operational Practices

  • Documented security policies and procedures
  • Vendor security assessment program
  • Incident response and recovery plans
  • Regular employee security training
  • Business continuity planning

Visit our Trust Centre

See the Trust Centre for detailed information about our security certifications, compliance status, and policies.


Frequently asked questions

Common questions about our security practices.

All data is stored in Australian data centres operated by trusted cloud infrastructure providers. We do not transfer data outside of Australia without explicit consent.
Yes, Medilee is designed with the Australian Privacy Principles (APPs) in mind. We implement appropriate safeguards for the collection, use, and disclosure of personal information.
Data retention periods are configurable based on your organisation's requirements. We provide tools for data export and secure deletion when needed.
Yes, Medilee supports integration with common SSO providers via SAML 2.0 and OpenID Connect. Enterprise accounts can configure their preferred identity provider.
We maintain industry-standard security practices and are working toward formal certifications. Contact us to discuss specific compliance requirements for your organisation.

Have specific security questions?

Our team is happy to discuss your security and compliance requirements in detail.
