Security Hub
We take security seriously. This hub brings together our vulnerability disclosure policy, our self-assessment against the Australian Government's Essential Eight controls, and links to our full Trust & Security Centre.
Independent penetration test in progress
We have engaged an independent security firm to conduct a full penetration test of OpenBook Clinical (scheduled 2025). Results will be used to update our Essential Eight self-assessment and inform our remediation roadmap. We will publish a summary of findings (excluding exploitable technical details) upon completion.
Responsible Disclosure
Found a security vulnerability? Learn how to report it responsibly, what to include in your report, our safe harbour commitment, and what you can expect from us in return.
ACSC Framework
Our self-assessed maturity levels against the Australian Government's Essential Eight controls, published openly. Includes implementation details, evidence, and known gaps.
+ 4 more controls detailed
Full Documentation
Comprehensive security, privacy, and clinical governance documentation for hospital procurement teams, university ethics committees, and NDIS providers. Includes AI transparency, data flow diagrams, retention schedule, and certification status.
Service Reliability
Real-time status of all OpenBook Clinical services — API, Search Engine, Authentication, Database, AI Processing, Email, and Billing.
Contact
For security enquiries, vulnerability reports, Data Processing Agreement requests, or institutional security assessments, contact our security team directly.