About CareFile
Built to feel clear, calm, and trustworthy.
CareFile is participant-controlled health and support record keeping. The product exists to make important information easier to find, easier to understand, and easier to use when the stakes are already high.
Design principles
What CareFile is
A calmer way to keep health, support, and NDIS information organised and ready when it matters.
What this page covers
The stage of the product, the design references in use, and the boundaries CareFile is being careful not to overstate.
Why this matters
Trust is easier to build when the public site says what is true and names what is not true yet.
Design references
Built with clear boundaries.
CareFile can be shaped by Australian care, support, and privacy expectations without implying government affiliation, endorsement, or live integrations.
Independent product
CareFile is not part of, endorsed by, affiliated with, sponsored by, certified by, or operated by the NDIS, Services Australia, Medicare, myGov, My Health Record, or any government service.
Addresser
Used for real-time Australian address autocomplete, verification, geocoding, parsing, metadata, and email validation so core details stay more accurate.
Australian Bureau of Statistics
Used for suburb and local government area lookups to support location-aware features with official Australian geography data.
NDIS structure
The NDIS area is organised around participant workflows such as plans, funding categories, providers, evidence, and support coordination. That does not mean CareFile is connected to, endorsed by, or operated by the NDIS.
Resend
Used to deliver magic-link sign-in emails. Resend is SOC 2 Type II certified and processes only the recipient email address for delivery. No health data is transmitted.
Privacy and security frameworks
CareFile uses Australian privacy expectations as design references, especially the Privacy Act 1988, the Australian Privacy Principles, and OAIC guidance. This is not a claim of regulator approval or certification.
Privacy and data handling
The trust model is simple on purpose.
A health product should be understandable before it is persuasive. The rules below stay short because the goal is clarity, not theatre.
- Your information stays under your control
- Nothing is sold, profiled, or shared without consent
- Core data is kept locally on this device in the prototype
- External services are used only when a feature genuinely needs them
- The privacy approach is shaped by the Privacy Act 1988, the Australian Privacy Principles (APPs), and OAIC guidance
- Formal compliance and security certification claims should only be made after real assessment
Address lookups and email validation pass through Addresser in real time. ABS geography lookups use anonymous location data only. Medicare, IHI, and other identifiers are not transmitted to third parties by CareFile.
CareFile is designed with Australian privacy expectations first, especially the Privacy Act 1988 and the Australian Privacy Principles (APPs). The product direction uses guidance from the Office of the Australian Information Commissioner (OAIC) as a reference point, without implying OAIC approval or certification. It is also being developed with the rule that formal security or compliance certification claims should only be made after a real assessment exists.
Try the product
Move from the public site into the working app.
The same design principles carry through the app itself: restrained, direct, and organised around real decisions.