Skip to content

Security & Privacy

Cortex manages highly sensitive healthcare information. Ensuring its absolute protection, privacy, and continuous availability is foundational to our platform. We engineer robust security protocols into every layer of our clinical architecture.

Data Ownership & Control

All clinical data generated within Cortex remains the exclusive property of your organisation. Sense Medical acts strictly as a secure custodian—storing, protecting, and seamlessly integrating data with your existing infrastructure, while ensuring a straightforward path for data portability.

Guaranteed Ownership

Contractual terms explicitly guarantee your data ownership. Full data exports are available in standard, interoperable formats at any time.

Flexible Data Residency

Data is hosted exclusively within your required geographical region and remains strictly inside agreed-upon legal jurisdictions.

Real-Time Analytics Streams

Structured clinical data streams continuously into your organisation’s decision-support and reporting infrastructure, enabling immediate utility for your teams.

Healthcare Compliance & Governance

Protected Health Information (PHI) demands a higher standard of care. We operate in strict alignment with your organisation's existing regulatory frameworks, ensuring compliance with global healthcare data standards.

Regulatory Compliance

Sense Medical adheres to all regional privacy laws and statutory protections governing sensitive health information.

Institutional Alignment

We integrate seamlessly within your established clinical governance and information security frameworks, actively supporting your internal review and assurance processes.

Zero Commercialisation

Clinical data is processed solely to deliver the Cortex platform. We never monetise data, sell it to third parties, or use it to train external AI models.

Platform Architecture & Safeguards

Enterprise Cloud Infrastructure

Cortex is deployed as a containerised, cloud-native application on Amazon Web Services (AWS), inheriting the rigorous physical security and compliance certifications of a highly audited infrastructure.

Encrypted in transit and at rest

Traffic between user devices, the Cortex platform, and your clinical systems is encrypted in transit, with system integrations secured over mutually authenticated TLS. All data is securely encrypted at rest.

Identity & Access Management (IAM)

Single Sign-On (SSO) integrates natively with your identity provider (Microsoft Entra ID, OpenID Connect). Role-Based Access Control (RBAC) aligns permissions directly with clinical duties, preserving your existing user-lifecycle management.

Comprehensive Audit Logs

Every document, task, and message in Cortex is timestamped and attributed to an identified clinician, giving you an auditable record of who did what, and when.

Tenant isolation

A robust multi-tenant architecture ensures strict logical separation of each organisation’s data, seamlessly supporting isolated deployments across distinct health systems and regions.

Continuous Security Validation

The platform undergoes regular independent penetration testing and security reviews, validating our alignment with the security assurance standards of the healthcare providers we serve.

High Availability & Clinical Resilience

Critical clinical applications must remain operational during high-stakes moments. Cortex is engineered to withstand network volatility and recover instantly from disruptions, ensuring patient care is never delayed by technology.

Offline-First Architecture

Clinicians can maintain workflows uninterrupted during network outages; data synchronises automatically and intelligently once connectivity is restored.

Disaster Recovery & Redundancy

Clinical data is continuously backed up, supported by rigorous recovery protocols designed to minimise downtime and restore operations rapidly.

Production-Proven Reliability

Cortex is deployed in high-volume, continuous hospital environments, reliably supporting frontline clinical teams daily.

Incident Management & Response

Sense Medical maintains a rigorously defined incident response framework. In the event of a security anomaly, our team executes swift containment and forensic investigation protocols. We commit to transparent communication, providing timely updates and formal notifications in strict accordance with legal and contractual obligations, while collaborating directly with your security leads.

Questions from your security team?

We routinely collaborate with institutional assurance, privacy, and information governance teams to fulfill complex technical requirements. Let us help accelerate your vetting process.