Small Business

Childcare Centre Cyber Security Health Check

You're trusted with children's safety every day. That trust extends to protecting their information too.

Buy Now
$799 + GST

Childcare centres hold extraordinarily sensitive information about children and families.

Think about what's in your systems: children's full names, dates of birth, medical conditions, allergies, developmental observations, family court orders, authorised pickup lists, immunisation records, and photos. In the wrong hands, this information could be used to locate children, exploit families, or enable identity fraud that follows these children for decades.

Family court orders and custody arrangements are especially sensitive. Many centres hold information about custody disputes, intervention orders, and restricted persons. A data breach could inadvertently reveal a child's location to someone they're meant to be protected from. The consequences of that failure are unthinkable.

The NQS and Privacy Act have real consequences.

Quality Area 7 (Governance and Leadership) requires effective administrative systems that ensure confidentiality is maintained. Your regulatory authority can issue compliance notices, suspend, or cancel approval for services that fail to protect information. The Privacy Act adds penalties up to $50 million for failing to protect personal information—and information about children is classified as "sensitive information" requiring the highest protection.

CCS and PRODA access creates financial and compliance risk.

Your Child Care Subsidy portal access connects you to family financial information and government payment systems. Compromised credentials could mean fraudulent claims, incorrect subsidy calculations, and a compliance investigation from the Department of Education. The administrative burden of fixing this—while still running a centre—is enormous.

Parent communication apps can be a weak point.

Storypark, Xplor, Kindyhub—these platforms share children's photos, daily observations, and developmental information with families. How confident are you that access is properly controlled? That former staff have been removed? That parents can only see their own children's information? A misconfiguration could expose children's photos and information to people who shouldn't have access.

Parents trust you with their children. They expect you to protect their information too.

In an age where parents research centres extensively before enrolling, a data breach could devastate your reputation and enrolments. Word travels fast in parent communities. Being able to show you take information security seriously—before an incident—builds trust and differentiates your centre.

This health check is built specifically for childcare centres.

Plain-English questions covering CCS/PRODA portal security, childcare management software, parent communication apps, children's records and photos, authorised person lists, staff access controls, and NQS alignment. No technical jargon—designed so any director or nominated supervisor can complete it and understand the results.

What you get:

67
Plain-English Questions
Specific to childcare centres—no technical knowledge required
Clear Security Score
See exactly where you're protected and where you're exposed
Prioritised Actions
Gaps ranked by risk with specific steps to fix each one
Professional Reports
Comprehensive Word report with scores, recommendations, and improvement plan

What You Receive

Every assessment generates a comprehensive report. Download a sample below.

Summary Report

Plain-English findings with scores, prioritised improvement plan, risk associations, and resources

Download Sample

Complete it in about 60 minutes. No technical knowledge required. Your data never leaves your device.

Who is this for?

Centre directors, approved providers, nominated supervisors, and educational leaders. Long day care, family day care, preschools, and outside school hours care services. Any early childhood service that handles children's records and family information—and wants to understand their cyber security posture without needing IT expertise.

AI-Powered

Your Assessment Includes a Personal AI Security Advisor

Two AI assistants are built into the tool — one to help you during the assessment, one to help you make sense of your results. Like having a security professional on call.

During the assessment

Not sure what a question is asking? Just ask.

Every question in the assessment has an AI helper built in. Tap it and ask anything — "What does this question actually mean?", "Can you give me an example?", "Why does this matter for my business?" — and you'll get a plain-English explanation instantly.

  • Explains technical concepts in everyday language
  • Gives real-world examples relevant to your industry
  • Never suggests how to answer — just helps you understand
  • No technical background required to complete the assessment
AI question helper explaining a cyber security question in plain English during the assessment
Assessment question interface showing radio button answer choices and plain English guidance
After you finish

Your Personal Security Advisor — available the moment you see your results.

Once your results are in, an AI security advisor has your full assessment in front of it and is ready to answer any question about what it means — in plain English, as if you're talking to a security professional.

  • "Explain my highest risk gap in simple terms"
  • "Walk me through how to fix action #3"
  • "Which gaps are easiest to fix myself?"
  • Ask anything — your advisor knows your specific results
AI Personal Security Advisor chat interface showing results-based guidance after completing the health check

No consultants. No jargon. No guesswork.

For the first time, small businesses get the same quality of guidance that used to cost hundreds of dollars an hour — built directly into the assessment.

Get the Childcare Cyber Health Check

Buy Now
$799 + GST

Common Questions

Why do childcare centres need to think about cyber security?

Childcare centres collect highly sensitive information about children and families — immunisation records, custody arrangements, emergency contacts, and financial details for CCS subsidies. This data is attractive to identity thieves and fraudsters. The Child Care Subsidy (CCS) system is also a target for fraud, with criminals attempting to manipulate subsidy payments through compromised provider credentials.

What regulatory obligations apply to childcare centres?

ACECQA's National Quality Framework and state regulatory authorities require centres to protect the privacy and confidentiality of children and families. The Privacy Act 1988 applies to childcare services that collect personal information. The Department of Education's CCS participation requirements include obligations to protect provider portal credentials and report suspected fraud.

What does the Childcare Centre Health Check cover?

The health check covers CCS portal and provider credential security, child management system access controls, parent communication platform security, immunisation and health record protection, financial system security, staff device and password management, and incident response planning for childcare environments.

What do I receive after completing the health check?

You receive a professional report with prioritised recommendations tailored to childcare centre risks. The report is suitable for sharing with your centre director, responsible person, or keeping on file as evidence of reasonable steps to protect the information of children and families in your care.

View all frequently asked questions →

Further Reading

Resource

Cyber Security for Childcare Centres

Why childcare centres are targeted, what the NQF and Privacy Act require, and the practical steps that protect children's data and your CCS portal access.

Read the guide