Our Security Focus

For over three decades, more than 25,000 dental professionals across Australia have trusted Centaur Software with their most sensitive practice data. As Australia’s leading practice management solution provider, we understand that security isn’t just a feature: it’s the foundation of everything we do. 

Security Certifications and Standards

We hold ISO 27001:2022 certification, demonstrating our commitment to the highest international standards for information security management. Our systems and processes undergo rigorous annual audits to maintain this certification. 

We maintain comprehensive compliance with the Australian Privacy Principles, GDPR, the Australian Cyber Security Centre’s Essential 8, the OAIC Data Breach Notification Scheme, and all relevant state and territory regulations across Australia. 

We perform annual penetration testing against recognised standards, including PTES, OSSTMM, and OWASP. Our systems undergo regular independent security audits and continuous monitoring to identify and address potential vulnerabilities.

Data Protection and Sovereignty

All hosted customer data is stored within Australian data centres, ensuring it remains under Australian jurisdiction and complies with local data sovereignty requirements. We prioritise keeping your data within Australia’s borders. 

All data is encrypted both in transit and at rest using industry-standard encryption. Encryption keys are managed through enterprise-grade key management systems, ensuring robust security and protection from unauthorised access. 

We maintain strict data retention policies that comply with regulatory guidelines. When data is no longer required, it is securely disposed of according to ISO 27001:2022 A.8.3 annex control standards, ensuring complete and secure deletion. 

Partner and Third-Party Security

All our partners undergo rigorous third-party risk assessments before integration. We maintain ongoing security monitoring and regular reviews to ensure all partner relationships meet our stringent security standards. 

Every third-party vendor and partner must pass comprehensive security assessments covering their certifications, data handling practices, and security controls before being approved to work with customer data. 

Access Controls and Authentication

We implement role-based access controls with multi-factor authentication (MFA) and single sign-on (SSO) across all our key systems. Staff access is granted on a need-to-know basis and regularly reviewed. 

We maintain extensive audit trails for all system access and user activities by our staff. All access to customer data is logged and monitored for security and compliance purposes. 

Staff roles and permissions are configured based on specific job requirements and regularly audited. We enforce strict access controls, including IP restrictions and continuous monitoring of all staff activities involving customer data. 

Staff Security and Training

All Centaur Software staff undergo comprehensive background checks before accessing customer systems. We maintain ongoing security awareness training programs to ensure our team stays current with the latest security threats and best practices. 

Our staff receive regular security awareness training and must comply with our ISO 27001:2022-certified security policies and procedures. Access to customer data is strictly controlled and monitored. 

Cloud Product Security

Our cloud products benefit from enterprise-grade infrastructure security, automated backup and recovery systems, and continuous security monitoring. All cloud deployments follow our ISO 27001:2022-certified security framework with additional cloud-specific protections. 

We utilise multi-zone redundancy and real-time data replication to ensure high availability. Our infrastructure is designed to provide maximum uptime with comprehensive disaster recovery capabilities. 

Incident Response and Management

We maintain well-established incident response processes in accordance with ISO 27001:2022 guidelines. Our comprehensive incident response plan includes immediate detection, containment, investigation, and remediation procedures. 

We provide immediate notification following confirmed security incidents as part of our commitment to transparency and compliance with the OAIC Data Breach Notification Scheme and other regulatory requirements. 

We employ multiple layers of security, including continuous monitoring, regular security updates, penetration testing, staff training, and strict access controls to prevent unauthorised access and security incidents. 

Business Continuity and Reliability

Our infrastructure is designed for maximum reliability with redundant systems, regular backups, and comprehensive business continuity planning to ensure uninterrupted service delivery. 

We maintain detailed disaster recovery plans, including automated backup systems, redundant infrastructure, and regular testing to ensure rapid recovery from any potential disruption. 

Customer Data Rights and Ownership

Customers retain full ownership and control of their data at all times. We act solely as a custodian of your information, with established data management protocols that respect your ownership rights. 

For our cloud-hosted systems, we fully support customer requests for data export, migration, or secure deletion. Our processes ensure compliance with regulatory requirements and maintain data integrity throughout any transition. 

We maintain complete transparency about our data handling practices and provide detailed documentation about our security controls, compliance measures, and data protection procedures. 

Simplify Every Aspect of Your Business With Us

Centaur Software has been Australia’s most trusted practice management solution provider for over 30 years. Our commitment to security and compliance ensures that the 25,000+ dental professionals who rely on our solutions can focus on patient care with complete confidence in their data protection.