We take the safety of your data very seriously.

That it is why it is at the forefront of everything that we do.

World class storage facilities

Noted is hosted by Amazon Web Services which is built to meet the requirements of the most security-sensitive organisations around the world.

Accreditations and certifications

With AWS as our hosting partner our accreditations include GDPR (European privacy standard) and HIPAA (US health privacy standard).


All client data is encrypted in transit and at rest and is not stored on user devices. Sensitive data is encrypted at field level and uses an advanced identity and key management system that ensures secure and managed access to data. This allows us to compartmentalise data to reduce impact and risk.

24/7 monitoring

Our infrastructure is continually monitored by automated systems. Our on-site security officer is responsible for our Information and Security programme, identifying risks, and testing to minimise any potential security threats.


We are constantly updating and improving our infrastructure and processes to comply with various standards including HIPAA, GDPR, CIS and HISO. Noted has been trusted to connect to the Ministry of Health and ACC (NZ) and other sensitive environments.

Limited access

The Noted team has limited access to customer data; only what has been agreed upon in customer contracts and agreements. User access is also strictly monitored and governed to reduce risk, e.g. access is instantly revoked from staff if it is no longer needed.

API security

Noted can integrate with your organisation using our RESTful API. Our API provides strong encryption, secure authentication, and authorisation. All actions and traffic is logged and audited for security purposes.

No data sharing

Noted does not disclose or share any of your data with any third parties or outside sources – except if we are required to by law, or at your request.