Risk register
Known failure modes are managed openly.
Each engagement starts with a short register covering privacy exposure, wrong-output risk, staff override points, audit requirements, and operational fallback.
Safety & Compliance
For NDIS, allied health, aged care, and education-adjacent work, the model is never the control plane. The workflow, risk register, audit trail, and human release authority are.
Risk register
Each engagement starts with a short register covering privacy exposure, wrong-output risk, staff override points, audit requirements, and operational fallback.
PII boundary
Names, participant identifiers, patient context, dates, and internal notes are isolated before model work wherever the workflow allows it.
Human release authority
AI can draft, classify, and queue. Claims, clinical notes, incident reports, and family communications still require human approval.
Audit trail
Outputs are designed to show source context, model involvement, reviewer action, and the final released version.
Operating model
Most AI failures are not model failures. They are workflow failures: no owner, no fallback, no review state, no way to explain what happened.
Structured fields, permission boundaries, and clear source records.
The model handles only the narrow task it is trusted to handle.
Human approval and logs before an output reaches a participant, patient, family, or portal.
Compliance posture
NDIS
AHPRA
Aged care
Privacy