The safest personal data is the data we never hold.
Attesta is built on one architectural decision that removes an entire category of risk: we ingest policies, procedures and governance documents only — never resident, participant, patient or clinical records. Not as a policy we ask you to follow. As a system constraint we enforce.
Reject and discard, never store.
Every uploaded document is screened for personal information before it enters the assessment pipeline. If personal information is detected — a name in a case study appendix, an incident report pasted into a policy, a resident list left in a spreadsheet tab — the document is rejected and discarded. It is not quarantined, not held for review, not "processed then deleted". It never enters storage at all, and you're told exactly why so you can strip the content and re-upload.
What Attesta ingests
Policies, procedures, frameworks, charters, registers (de-identified), reporting templates, training curricula. Documents about how you operate.
What Attesta refuses
Care plans, clinical notes, incident reports naming people, rosters, complaints files, anything identifying a resident, participant, patient or staff member.
Why it matters
A readiness tool holding health information would itself be a privacy risk you'd have to govern. Attesta is designed so that risk cannot exist.
Not a medical device. Attesta performs no clinical function and processes no clinical data. It assesses documents about care systems — never care itself.
Australian data, Australian jurisdiction.
- Hosted in AWS Sydney. Customer documents and assessment data reside in Australia and are not replicated offshore.
- Privacy Act 1988 (Cth) / APP compliant. The limited personal information we do hold — account and contact details for your own users — is handled under the Australian Privacy Principles. Read the privacy policy.
- Encryption throughout. Documents are encrypted in transit and at rest.
- Your documents are yours. We don't train models on your policies, share them, or retain them after you delete them or close your account.
- ISO 27001-aligned controls, certification in progress. Our information security management system is built to ISO 27001; we'll publish the certificate when the assessment completes, and won't claim it a day earlier. Claims discipline is a security control too.
Look at this website. It practises what the product preaches.
Most software companies tell you privacy matters, on a website carrying a dozen trackers. We decided the marketing site should be held to the product's standard:
- Zero cookies. No consent banner because there is nothing to consent to.
- Zero analytics, zero trackers. No advertising pixels, no session recording, no fingerprinting, no third-party requests — every asset on this site is self-hosted. (The single exception: the scheduling widget on the book-a-demo page, loaded from Calendly with integrity checks, and clearly disclosed there.)
- Nothing stored in your browser. No localStorage, no sessionStorage. Even the self-check keeps your answers in memory only — close the tab and they're gone.
- Forms that forget. Enquiry forms are relayed by email and stored nowhere on the web server. Inputs are sanitised, rate-limited and spam-trapped server-side.
- Strict security headers. A Content-Security-Policy restricting the site to its own origin, frame denial, MIME-sniffing protection and HSTS — verifiable with any header-checking tool.
If we handle a marketing enquiry this carefully, you can guess how we treat your governance documents.
Security questions? Ask them before you upload anything.
Bring your IT and privacy people to a demo — we'll walk the architecture end to end.