Legal

Acceptable Use Policy

Last updated: May 2026

1. Purpose

This Acceptable Use Policy ("AUP") defines the acceptable and prohibited uses of the Thrive platform. It exists to protect all users, maintain service integrity, and ensure the platform remains a safe and reliable tool for clinical care delivery.

2. Intended Use

Thrive is designed exclusively for:

  • Clinical care documentation and management for PBS organisations
  • Recording and tracking incidents, behaviours, and care activities
  • Managing medication administration records
  • Conducting functional behaviour assessments
  • Creating and maintaining care plans and support strategies
  • Tracking outcomes and goals for service users
  • Managing staff assignments and organisational settings

3. Prohibited Activities

You must not use Thrive to:

Security Violations

  • Attempt to access data belonging to other organisations
  • Share login credentials with unauthorised individuals
  • Attempt to bypass security controls or access restrictions
  • Probe, scan, or test the vulnerability of the platform
  • Use automated tools to access the Service (bots, scrapers, etc.)

Data Misuse

  • Store data unrelated to clinical care delivery
  • Enter false, misleading, or fabricated clinical records
  • Export data for purposes unrelated to care delivery or regulatory compliance
  • Use patient data for personal, commercial, or research purposes without appropriate authorisation

Platform Abuse

  • Interfere with or disrupt the Service for other users
  • Upload malicious files, viruses, or harmful content
  • Attempt to reverse engineer or copy the platform
  • Use the Service in any way that violates applicable laws or regulations
  • Resell, sublicense, or redistribute access to the Service

4. Account Responsibilities

  • Each user must have their own individual account
  • Passwords must meet minimum complexity requirements (12+ characters)
  • Users must log out when leaving shared or public devices
  • Admins must promptly remove access for staff who leave the organisation
  • Users must report any suspected security incidents immediately

5. Clinical Data Standards

When entering clinical data, users must:

  • Record information accurately and contemporaneously
  • Use professional, respectful language in all records
  • Not include unnecessary personal opinions or discriminatory language
  • Follow their organisation's documentation policies and procedures
  • Review AI-rewritten text before accepting to ensure accuracy

6. Enforcement

Violations of this AUP may result in:

  • Warning notification to the user and their organisation admin
  • Temporary suspension of the user's account
  • Permanent termination of access
  • Reporting to relevant authorities if illegal activity is suspected

We will always attempt to contact the organisation admin before taking enforcement action, except in cases of immediate security threats.

7. Reporting Violations

If you become aware of any violation of this policy, please report it immediately to: [email protected]