Security & Technology

Built with enterprise-grade security and powered by advanced AI technology trusted by Australian insurance companies.

Security Certifications & Reviews

AllMeds has undergone rigorous security reviews and maintains compliance with Australian and international standards

iCare Security Review

iCare NSW has been consulted on platform security. Final platform approval is subject to each individual insurer's security review process and requirements.

ISO 27001 Certified

Infrastructure operates on ISO 27001:2013 certified platforms (Supabase, Vercel). Information security management system aligned with international standards.

ISO 42001 AI Governance

AI governance framework aligned with ISO 42001 (Artificial Intelligence Management System) for responsible AI practices and transparent model usage.

How AllMeds Works Under the Hood

Enterprise AI technology built specifically for Australian medication risk assessment

AI-Powered OCR

Claude AI extracts medication data from any document format with 99%+ accuracy. Handles handwritten prescriptions, pharmacy receipts, and complex medical documents.

Zero Data Retention

Proprietary Risk Scoring Engine

AllMeds' proprietary rules engine scores each individual medication based on our clinical risk framework. Our rules engine ensures results are deterministic, not probabilistic, so you get consistent, reliable outcomes every time.

TGA Database Integration

Australian Therapeutic Goods Administration (TGA) drug database with 92,000+ registered medications for accurate identification and classification.

PBS Pricing Engine

Real-time pricing comparison against Pharmaceutical Benefits Scheme (PBS) schedule to identify overcharging and billing discrepancies.

Australian Safety Standards Compliance

Automated compliance checks against Australian Medication Safety Standards (e.g., SIRA guidelines) and regulatory requirements.

Enterprise Infrastructure

Hosted on Vercel (SOC 2, ISO 27001, HIPAA, PCI DSS) with Supabase backend (ISO 27001, SOC 2 Type II) for enterprise-grade reliability and security.

Built by Pharmacists: AllMeds was developed by registered pharmacists with 5+ years of insurance claims experience, ensuring clinical accuracy and practical usability.

AI Security & Data Privacy

Anthropic Claude AI with enterprise data protection guarantees

Zero Data Retention

Anthropic does not retain customer data used in API calls. All medication records, claim data, and patient information is immediately discarded after processing.

  • No training data
  • No logging
  • No retention
  • Confirmed via Enterprise Data Protection

Business Associate Agreement

AllMeds maintains a Business Associate Agreement (BAA) with Anthropic for HIPAA-aligned data handling (adapted for Australian context).

  • Contractual data privacy guarantees
  • Liability protection for health data
  • Regular compliance audits
  • Enterprise-grade SLAs

No Training on Customer Data

Anthropic does NOT use customer data to train or improve models. Explicit opt-out enforced via enterprise API agreement.

  • Complete isolation from model development
  • Contractually prohibited
  • No contribution to model updates

Explainable AI

Every risk assessment includes clinical reasoning explaining why medications were flagged and which interactions were identified.

  • Transparent sources (PBS, TGA, guidelines)
  • Human-in-the-loop oversight
  • Audit trail for all recommendations

Security & Compliance

Enterprise-grade security protecting sensitive claim and patient data

Data Encryption

  • AES-256 encryption at rest
  • TLS 1.3 encryption in transit
  • End-to-end encryption for sensitive documents
  • Encrypted database backups

Access Control

  • Role-based access control (RBAC)
  • Multi-factor authentication (MFA)
  • SSO integration (SAML 2.0)
  • Audit logs for all access

Compliance Standards

  • ISO 27001:2013 certified (infrastructure + Vercel)
  • ISO 42001 (AI governance)
  • SOC 2 Type II compliance (Supabase + Vercel)
  • HIPAA-aligned (Anthropic BAA + Vercel)
  • Australian Privacy Principles (APP)
  • Privacy Act 1988 compliance
  • PCI DSS support (Vercel)
  • GDPR compliant data handling

Australia-Only Data Storage

  • AWS Sydney Region (ap-southeast-2)
  • AWS GovCloud-compliant infrastructure
  • No offshore data transfer without consent
  • Full data sovereignty for Australian insurers
  • Local disaster recovery infrastructure

Data Retention & Backup

  • Automated daily backups
  • Point-in-time recovery
  • Configurable retention policies
  • Secure data deletion on request

Monitoring & Incident Response

  • 24/7 security monitoring
  • Real-time threat detection
  • Notifiable Data Breaches (NDB) compliance
  • Regular security audits and penetration testing

API & System Integrations

Seamlessly integrate AllMeds into your existing claims workflow

RESTful API

Modern REST API with comprehensive documentation, webhooks for real-time updates, and rate limiting for enterprise use.

Claims Management System Integration

Pre-built connectors for major claims platforms including Guidewire, Duck Creek, and custom integrations via API.

Email & Document Workflows

Automated document ingestion from email, secure file upload portals, and integration with document management systems.

Notifications & Alerts

Real-time risk alerts via email, SMS, or webhook when critical medication risks are identified in new claims.

Need Custom Integration?

Our team can work with your IT department to build custom integrations for your specific claims workflow.

Discuss Integration Options

Trust & Transparency

Clinical Validation

All risk assessments are based on TGA data, clinical pharmacy guidelines, and Australian Medication Safety Standards. Our algorithms are validated by registered pharmacists.

Explainable AI

Every risk assessment includes clear reasoning explaining why medications were flagged, which interactions were identified, and what compliance issues exist.

Human Oversight

AllMeds is a decision support tool, not a replacement for clinical judgment. All recommendations should be reviewed by qualified healthcare professionals.

Continuous Improvement

Our pharmacist team continuously updates the platform based on new clinical guidelines, user feedback, and emerging medication safety research.

Questions About Security or Technology?

Our team can provide detailed technical specifications, security documentation, and compliance certifications.

Book a Technical Demo