Services

Cybersecurity consulting designed for how medical practices actually work. Every service is tailored to healthcare workflows, Australian regulations, and the reality that your team is focused on patient care — not IT.

Security Policy Packages

Clear, practical policies your team will actually follow.

  • Privacy policies aligned with the Privacy Act 1988 and Australian Privacy Principles (APPs)
  • Information security policies tailored to clinical workflows
  • Data handling and retention procedures for patient records
  • Policies that satisfy medical board and RACGP accreditation requirements
  • Staff-friendly documentation — not 50-page legal documents nobody reads
View Security Policy Packages

Security Health Check

Understand where your practice stands and what to prioritise.

  • Comprehensive review of your practice's security posture across 9 domains
  • Assessment of patient record access controls and audit logging
  • Physical security review (workstations, server rooms, reception areas)
  • Network and Wi-Fi security evaluation
  • Clear, prioritised action plan with practical recommendations
View the Security Health Check

Vendor Risk Assessments

Make sure the software and services you rely on are keeping data safe too.

  • Security evaluation of practice management systems (Best Practice, Medical Director, Cliniko, etc.)
  • Cloud service and hosting provider assessments
  • Pathology, imaging, and diagnostic integration security review
  • Telehealth platform security assessment
  • Medicare and government system integration review
  • Vendor contract review for data protection clauses
View Vendor Risk Assessments

Compliance Readiness

Understand your obligations and be confident you're meeting them.

  • Privacy Act 1988 compliance review
  • Australian Privacy Principles (APPs) gap analysis
  • Notifiable Data Breaches (NDB) scheme preparedness
  • RACGP Standards for General Practices (5th Edition) alignment where applicable
  • My Health Record system obligations
  • Practical compliance roadmap — not a checklist of legal citations
View Compliance Readiness

Incident Response & Breach Preparation

Be ready before something goes wrong, not scrambling after.

  • Data breach response plan development
  • Notifiable Data Breaches scheme response procedures
  • Roles and responsibilities during a security incident
  • Communication templates for patients, staff, and regulators
  • Tabletop exercises to test your plan
  • Relationship with the OAIC notification process
View Incident Response & Breach Preparation

Staff Security Awareness

Help your team become your strongest line of defence.

  • Practical guidance on recognising phishing and social engineering
  • Secure handling of patient information in daily workflows
  • Password and access management best practices
  • Safe use of email, messaging, and file sharing
  • Guidance tailored to clinical and administrative roles
  • Short, focused sessions that respect how busy your team is
View Staff Security Awareness

Service packages

Assessment, policies, and vendor risk reviews bundled into a single fixed-fee engagement — with meaningful savings and coordinated findings.

Practice Security Starter

Everything a small practice needs to get the fundamentals right.

From $2,000 ex GST

Saves $300–$500 vs. purchasing separately

What's included

Security Health Check
  • Pre-assessment questionnaire
  • 60–90 minute assessment session
  • Detailed report covering 9 security domains
  • Prioritised recommendations
  • Delivery walkthrough call
Core Policy Pack (5 policies)
  • Acceptable Use Policy
  • Password & Authentication Policy
  • Data Breach Response Plan
  • Privacy Policy (patient-facing)
  • Staff Offboarding Security Checklist

Best for: Solo GPs, small practices (1–4 practitioners), allied health practices.

Typical timeline: 3–4 weeks from scoping call to completion.

Book a Free Scoping Call
Comprehensive

Practice Security Complete

Comprehensive coverage for practices that want to address security, compliance, and vendor risk in one engagement.

From $4,200 ex GST

Saves $1,000–$1,400 vs. purchasing separately

What's included

Security Health Check
  • Pre-assessment questionnaire
  • 60–90 minute assessment session
  • Detailed report covering 9 security domains
  • Prioritised recommendations
  • Delivery walkthrough call
Extended Policy Pack (13 policies)
  • Acceptable Use Policy
  • Password & Authentication Policy
  • Data Breach Response Plan
  • Privacy Policy (patient-facing)
  • Staff Offboarding Security Checklist
  • Access Control Policy
  • Backup & Recovery Policy
  • Remote Access & Telehealth Security Policy
  • Vendor & Third-Party Management Policy
  • Physical Security Policy
  • Incident Response Plan
  • BYOD (Bring Your Own Device) Policy
  • Records Retention & Disposal Policy
Vendor Risk Assessment (3 vendors)
  • Full 7-dimension assessment per vendor
  • Individual vendor reports with risk ratings
  • Cross-vendor risk summary
  • Findings review call
Priority Recommendations Roadmap
  • Consolidated action plan across all three engagements
  • Ranked by priority and estimated effort
  • Identifies your highest-impact next steps across security, policy, and vendor risk

Best for: Medium practices (5–10+ practitioners), specialist practices, practices preparing for RACGP accreditation.

Typical timeline: 4–6 weeks from scoping call to completion.

Book a Free Scoping Call
All prices are fixed-fee and exclusive of GST. Final pricing is confirmed after a short scoping call based on practice size and complexity.

Not sure which package is right for your practice? Our free 15-minute scoping call will help you decide — no obligation.

Learn more about what's included in each package

Not sure what you need?

Start with our free security check to identify where your practice might have gaps, or get in touch and we'll help you work out the right next step.

Free Security Check Get in Touch