Security & data handling
Care data deserves better than a shared database.
This page is the plain-English version of how Corella handles your organisation’s data — no acronym soup, no badge wall. If you want more detail than what’s here, ask us and you’ll get a straight answer.
The structural difference
Isolation isn't a setting. It's the architecture.
Every Corella provider gets their own instance: their own application, their own database, their own subdomain, their own branding. The wall between your data and anyone else's isn't a permission check — it's separate infrastructure.
In practice
What we do, in plain English.
One database per provider
Your instance runs against its own database with its own credentials. There is no shared table, no tenant column, no 'filtered view' of a communal pool — your data and another organisation's data are structurally separate.
Hosted in Sydney, Australia
Your instance, its database and your uploaded files live in Australian data centres (DigitalOcean, Sydney). Care records don't leave the country to be stored.
Roles with real walls
Five roles scope what people see and do. Support workers only see clients they're rostered with, and only the need-to-know essentials — office-only fields and one-way private notes stay with the office.
Files behind the login
Documents and photos are stored per-organisation and served only through your instance's authenticated proxy — there are no public file links to leak.
Backups you could actually use
Databases are backed up daily with point-in-time recovery. Backups are the platform's job, done on managed infrastructure — not a cron job on a box in a cupboard.
An audit log of who did what
Actions across the system are recorded — who created, changed or approved what, and when. When a question comes up months later, the answer is in the log, not in memory.
Watched for errors
Every instance reports errors to monitoring the moment they happen, and uptime checks page us if your instance stops answering. Problems get found by us, not by your Monday morning.
Sessions that re-check themselves
Logins re-verify a person's role and active status against the database on every sensitive action — deactivating a departed staff member cuts their access, immediately.
What you won’t find here: badges we don’t hold.
We don’t display certification logos we haven’t earned, and we won’t imply compliance frameworks by decoration. What we will do is answer any question about how your data is stored, who can access it, and how you’d get it back — directly, from the people who run the platform.
Ask us anything about data handlingSee your organisation in Corella.
A 30-minute walkthrough with the people who built it — your workflows, your terminology, not a canned demo.