PDPA SG · MAS TRM · AES-256 · TLS 1.3

Security Architecture

Built for Singapore healthcare — PDPA SG 2012, MAS TRM, HCSA 2020, and MOH cybersecurity guidelines. All data sovereign in Singapore.

AES-256
Encryption at rest
TLS 1.3
Encryption in transit
ap-southeast-1
Singapore data residency
< 3 days
PDPC breach notification

Security Framework

🔐

Encryption

  • AES-256 encryption at rest for all patient and clinic data
  • TLS 1.3 in transit — no downgrades permitted
  • Envelope encryption with customer-managed keys (Enterprise)
  • KMS-managed keys stored separately from data
🔑

Authentication & Access

  • JWT tokens with short expiry and rotation
  • httpOnly, sameSite=lax cookies — no client-accessible tokens
  • Role-based access control (clinic admin, staff, department, group)
  • Multi-factor authentication enforced for all staff accounts
🗺️

Data Residency

  • Supabase Singapore region (ap-southeast-1) — data sovereign in Singapore
  • No cross-border transfer of personally identifiable health information
  • PrivateLink network isolation from public internet
  • Backups retained within Singapore only
📋

PDPA Singapore 2012

  • Consent, access, and correction obligations built into platform
  • Data Protection Officer (DPO) registered with PDPC Singapore
  • Breach notification to PDPC < 3 calendar days
  • Data portability: records exportable in HL7 FHIR R4 format
🏦

MAS TRM Guidelines

  • Audit logs per MAS Technology Risk Management guidelines
  • Access controls and change management per MAS TRM Section 4
  • DR: RTO < 4 hours, RPO < 1 hour for payment-bearing systems
  • Third-party payment processor due diligence documented annually
🏥

HCSA 2020 Compliance

  • HCSA 2020 compliance (MOH-licensed healthcare institution requirements) — MOVO-X operates as a technology vendor to HCSA-licensed institutions
  • NEHR data governance aligned with MOH Electronic Health Records Act 2011
  • Patient consent for NEHR data sharing at point of registration
  • Access logs retained per MOH audit requirements for licensed institution deployments

Security Policies at a Glance

Audit log retention5 years (MAS TRM + PDPA SG)
Clinical record retention7 years (MOH guidelines)
Breach notification< 3 days (PDPC Singapore PDPA SG)
Penetration testingAnnual (OWASP ZAP CI + external pen test)
Vulnerability scanningContinuous CI/CD pipeline
Patient clinical records storedNo — queue metadata only
NEHR access modeRead-only, patient consent required
SingPass integrationSingPass MyInfo API (Enterprise tier)

No Clinical Records Stored

MOVO-X stores queue metadata, appointment timestamps, and NRIC references (hashed, not plain text). No clinical records, diagnoses, prescriptions, or medical history are stored in MOVO-X systems. Clinical data remains in the hospital's own EMR/HIS.

SingPass Integration Security

SingPass integration uses the official SingPass MyInfo API for patient identity verification. Face verification (Enterprise tier) uses SingPass Face Verification via NDI-approved channels. No biometric data is stored by MOVO-X.

Security questions?

Contact our security team or Data Protection Officer for detailed security documentation, penetration test reports, or compliance attestations.