Compliance

How NouxVoice meets healthcare data regulations across every region we operate in

Last updated: April 2026

Australian Privacy Framework

Privacy Act 1988 (Cth)

NouxVoice complies with the Privacy Act 1988 and all 13 Australian Privacy Principles (APPs), governing how we collect, use, store, and disclose personal information for Australian healthcare tenants.

My Health Records Act 2012

We maintain controls aligned with the My Health Records Act to ensure proper handling of health information that may be processed through our receptionist service.

Notifiable Data Breaches Scheme

We maintain an incident response plan that complies with the NDB scheme. In the event of an eligible data breach, we will notify affected individuals and the OAIC within the required timeframe.

Data Center: AWS ap-southeast-2 (Sydney)

All Australian tenant data is processed and stored exclusively within the Sydney region.

Cross-Regional Security Standards

Regardless of region, all NouxVoice deployments adhere to the following security standards:

Encryption at Rest

All data at rest is encrypted using AES-256 via AWS KMS with tenant-specific encryption keys.

Encryption in Transit

All data in transit is protected by TLS 1.3. Voice calls use encrypted WebRTC (SRTP) and SIP-TLS.

SOC 2 Readiness

Our infrastructure and processes are designed to meet SOC 2 Type II requirements for security, availability, and confidentiality.

Regular Security Audits

We conduct regular security assessments including vulnerability scanning, penetration testing, and infrastructure reviews.