Dental4Web Shared Responsibility Model

Security and Compliance is a shared responsibility between Centaur Software Development and our customers. This model helps reduce the operational burden on your practice as we handle the operation, management, and control of the application components, including data protection, backup systems, and the underlying infrastructure of our cloud environments.

You are responsible for managing your use of Dental4Web, including user management, data input, protection of patient information, and adherence to applicable privacy laws and regulations. This division of responsibilities allows for flexibility and control, enabling you to use Dental4Web effectively and securely within your practice’s IT environment while maintaining the confidentiality and integrity of your patient data. 

Centaur Software’s Responsibilities

  • Secure Development Practices. Develop and maintain application code following industry best practices, including regular code reviews and security testing.  
  • Regular Updates. Provide timely software updates and patches to address any potential vulnerabilities.  
  • Security Testing. Conduct annual security testing by independent cybersecurity experts to identify and address potential threats. 
  • Encryption. Use advanced encryption methods to protect data during transmission and storage.  
  • Backup and Recovery. Implement robust backup and disaster recovery procedures, with data redundancy across multiple locations, to preserve data integrity and availability. 
  • Regulatory Compliance. Adhere to the Australian Privacy Principles (APPs), the Notifiable Data Breaches (NDB) scheme, and relevant state-based regulations. 
  • Industry Standards. Comply with applicable industry standards and maintain appropriate security certifications. 
  • Secure Infrastructure. Deploy and maintain secure infrastructure within appropriate regions to ensure data sovereignty requirements are met.  
  • Access Controls. Implement comprehensive security controls, including multi-factor authentication, network restrictions, and authorised device management.  
  • System Protection. Secure all database and server environments through multiple layers of protection, including encryption, malware prevention, and systematic hardening procedures. 
  • Security Training. Maintain a comprehensive security awareness program with mandatory training sessions and periodic updates.  
  • Personnel Verification. Conduct thorough background screening processes for all personnel.  
  • Access Management. Implement strict access control protocols with regular auditing procedures. 
  • Activity Tracking. Maintain detailed audit logs of all critical system modifications and user activities.  
  • System Monitoring. Deploy monitoring tools to track and record all database and system operations.  
  • Regular Reviews. Conduct systematic reviews of security logs and system activities through dedicated security personnel. 

 

Customer Responsibilities

  • Role-Based Access. Provide users access only to the resources they need by managing user accounts, roles, and permissions within the application. 
  • Authentication Policies. Enforce strong password policies and implement multi-factor authentication to improve security. 
  • Access Restrictions. 
    • Enforce IP Restrictions. Limit application access to approved IP addresses. 
    • Trusted Devices. Allow access only from recognised and authorised devices. 
    • Day/Time Access Restrictions. Restrict application access to specific days and times that align with your practice’s operational hours. 
    • Session Management. Enable automatic logout thresholds to prevent unauthorised access from unattended devices. 
  • User Activity Monitoring. Regularly review user activity logs to detect unauthorised or unusual activities. 
  • Audit Logs. Review audit logs to maintain oversight of actions performed within the system. 
  • Data Accuracy. Keep the data recorded in the system accurate by regularly reviewing and updating patient information. 
  • Data Retention Policies. Implement appropriate data retention and disposal policies in compliance with legal and regulatory requirements. 
  • Device Security. Maintain the security of devices accessing the software, including installing antivirus software and applying system updates. 
  • Secure Network Connections. Use secure network connections when accessing the application to prevent unauthorised access. 
  • Regulatory Compliance. Verify that the use of the software complies with local laws and regulations pertinent to dental practice management. 
  • Internal Policies. Implement necessary policies and procedures to protect patient information in accordance with legal obligations. 
  • Cybersecurity Strategies. Follow the Australian Cyber Security Centre’s Essential Eight strategies to reduce cybersecurity incidents. 

Shared Responsibilities

  • Incident Management Protocol. Follow established procedures where Centaur manages system-level incidents while customers handle practice-level incidents, with clear escalation paths. 
  • Timely Communication. Share information about security incidents promptly to enable a coordinated response. 
  • Centaur’s Role. Provide training materials and resources to help customers understand security best practices. 
  • Customer’s Role. Ensure staff are trained and aware of these best practices to maintain a secure environment. 

Additional Resources

Security Information

Learn more about our security focus on our Security Information Page.

Privacy Policy

Review our Privacy Policy to understand how we handle your data.

Knowledge Base

Access our online Knowledge Base for support articles and FAQs.

Contact Us

For any queries or assistance, please get in touch with our Support team. 

Phone. Call us at 1300 855 966  

Email. Send an email to support@centaursoftware.com 

     

By clearly defining these responsibilities and working together, we aim to create a secure and compliant environment for managing dental practice information and delivering the highest standards of service to our customers. 

If you have any questions or need assistance with your responsibilities within the Shared Responsibility Model, please reach out to our team. We’re here to help you maintain a secure and efficient dental practice.