MOVO-X Malaysia is built to meet every regulatory requirement for Malaysian healthcare IT — PDPA 2010, PHFSA 1998, MOH digital health guidelines, KCIS integration, and ISO 27001 pathway.
Data User registration filed. Consent management on kiosk touchscreen (first visit). Data subject rights: access, correction, withdrawal. Breach notification < 72 hours to PDPC Malaysia. Patient NRIC stored as SHA-256 hash only — raw IC never persisted.
Clinical data handling follows KKM requirements for MOH-licensed private hospitals and specialist centres. MOVO-X stores only queue/appointment metadata — no clinical records. Architecture reviewed against PHFSA 1998 Schedule 4 IT system requirements.
Platform architecture follows KKM's Digital Health Framework guidelines for healthcare IT systems. KCIS integration pathway documented and implemented per KKM API specifications.
Gap assessment completed May 2026. Target Q4 2026 certification on enterprise tier. All 114 controls mapped in Statement of Applicability. External certification body engaged.
Planned H1 2027. Security, Availability, Confidentiality, Processing Integrity, Privacy trust service criteria.
| Encryption at rest | AES-256 — all patient records, queue data, NRIC hashes in Supabase Postgres (ap-southeast-1) |
| Encryption in transit | TLS 1.3 enforced on all connections — kiosk, browser, DB replication |
| Key management | KMS keys in Supabase ap-southeast-5 (KL region) — envelope encryption, keys never co-located with data |
| Authentication | JWT (HS256), httpOnly cookie, sameSite=lax — CSRF-safe. RLS deny-all on anon/authenticated roles |
| NRIC handling | SHA-256 hash only — raw IC number never stored at any layer |
| Audit logs | 7-year immutable retention per PDPA 2010 requirement. Write-once, admin cannot modify |
| Network isolation | Supabase PrivateLink — no public DB access. Vercel sin1 edge WAF |
| Secret management | Pre-commit secret blocker (gitleaks) — credential leak prevention at commit layer |
Yes. MOVO-X Sdn Bhd is registered as a Data User with the Department of Personal Data Protection (JPDP) Malaysia per PDPA 2010 requirements.
MOVO-X stores queue and appointment metadata (arrival time, department, wait time) — not clinical records. Patient NRIC is stored only as a SHA-256 hash. MOVO-X does not handle clinical diagnoses, lab results, medications, or treatment records.
PDPC Malaysia is notified within 72 hours of confirmation. Affected patients are notified within 7 days. Enterprise customers receive a full incident report within 14 days. Audit logs are preserved for investigation.
The MyKad NFC reader extracts the NRIC number. It is immediately hashed (SHA-256) and the raw IC number is never stored. The hash is used only for returning patient identification.
Patient data is stored in Supabase Singapore (ap-southeast-1) — ASEAN-resident. Encryption keys are in Supabase KL (ap-southeast-5, Malaysia region). Data does not leave ASEAN except for AI triage (Anthropic, zero data retention mode — data not persisted after processing).
Yes. We provide: PDPA 2010 Data Processing Agreement, ISO 27001 gap assessment, security architecture document, subprocessor list, and breach notification runbook. Typically provided within 5 business days of NDA execution.
We provide DPA templates, ISO 27001 SoA, security architecture doc, subprocessor list, and breach notification runbook. Typically within 5 business days of NDA execution.