Disclaimer
Last updated · 15 April 2026
1. General Information
The information presented on this website is published by MHNexus Sdn Bhd (Company Registration No. 201201041742 / 1026220-A) for general informational purposes only. While reasonable efforts are taken to ensure that the content is accurate and current at the time of publication, MHNexus makes no representation, warranty, or guarantee, express or implied, regarding its accuracy, completeness, reliability, or suitability for any particular purpose.
2. No Medical Advice
Nothing on this website constitutes medical, clinical, or diagnostic advice. The platforms and services described herein are provided to healthcare institutions as data infrastructure and shall not be relied upon by any individual as a substitute for professional consultation, examination, or treatment by a qualified healthcare provider.
3. No Professional Advice
The content of this website does not constitute legal, regulatory, financial, or professional advice. Any reliance placed on such information is strictly at the visitor's own risk. MHNexus accepts no liability for any loss or damage, including without limitation indirect or consequential loss or damage, arising from reliance on information contained on this website.
4. Third-Party References
This website may reference third-party platforms, partner organisations, certifications, or external sources. Such references are provided for informational purposes only and do not constitute endorsement, sponsorship, or affiliation unless expressly stated. MHNexus is not responsible for the content, policies, or practices of any third-party site or service.
5. Intellectual Property
All content on this website, including but not limited to text, graphics, logos, system designs, and software identifiers, is the property of MHNexus Sdn Bhd or its licensors and is protected under applicable intellectual property laws. No part of this website may be reproduced, distributed, or transmitted in any form without prior written consent.
6. Limitation of Liability
To the maximum extent permitted by law, MHNexus shall not be liable for any direct, indirect, incidental, consequential, or punitive damages arising out of access to, use of, or inability to use this website, even if MHNexus has been advised of the possibility of such damages.
7. Governing Law
This Disclaimer shall be governed by and construed in accordance with the laws of Malaysia. Any disputes arising in connection with this website shall be subject to the exclusive jurisdiction of the courts of Malaysia.
MHNexus Sdn Bhd
A-32-13, Menara UOA Bangsar 5, Jalan Bangsar Utama 1, 59000 Kuala Lumpur, Malaysia
T · +603 4810 4791
Security Policy
Last updated · 15 April 2026
1. Commitment
MHNexus Sdn Bhd is committed to protecting the confidentiality, integrity, and availability of all information assets entrusted to it by clients, partners, and patients. Our security programme is governed by an Information Security Management System (ISMS) aligned to ISO/IEC 27001 and applicable Malaysian regulatory requirements.
2. Governance & Compliance
Security is overseen by an internal governance committee that conducts periodic risk assessments, policy reviews, and independent audits. MHNexus operates in alignment with applicable healthcare data regulations, the Personal Data Protection Act 2010 (Act 709), and contractual obligations with public-sector and private-sector clients.
3. Data Protection
- All personal and health-related data is encrypted in transit using TLS 1.2 or higher.
- Data at rest is encrypted using AES-256 or equivalent industry-standard algorithms.
- Cryptographic keys are managed in dedicated key management services with strict access controls and rotation policies.
- Production data is logically and physically segregated from development and testing environments.
4. Access Control
Access to systems, data, and infrastructure is granted strictly on a need-to-know and least-privilege basis. Multi-factor authentication is enforced for all administrative and remote access. Access reviews are conducted on a recurring basis, and privileged activity is centrally logged for audit.
5. Hosting & Infrastructure
MHNexus deploys solutions on MyGovCloud, Amazon Web Services (AWS), or client on-premise environments, in accordance with sovereignty, regulatory, and contractual requirements. Infrastructure is hardened to recognised benchmarks, with continuous patching, vulnerability management, and configuration management.
6. Monitoring & Incident Response
Security events are monitored on a continuous, round-the-clock basis. MHNexus maintains a documented incident response plan covering detection, containment, eradication, recovery, and post-incident review. Confirmed incidents involving personal data are escalated to affected clients and, where required, to regulatory authorities within applicable timeframes.
7. Business Continuity
Business continuity and disaster recovery procedures are maintained, periodically tested, and aligned with agreed Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO). Backups are encrypted, stored in geographically separated locations, and validated through restoration testing.
8. Personnel Security
All MHNexus personnel undergo background verification appropriate to their role, sign confidentiality agreements, and complete mandatory security and privacy training upon onboarding and on an annual basis thereafter.
9. Third-Party & Supplier Risk
Third-party suppliers and sub-processors are subject to security due diligence, contractual obligations, and ongoing review proportionate to the sensitivity of the data processed.
10. Reporting Concerns
Suspected vulnerabilities or security concerns may be reported in confidence to the contact below. MHNexus acknowledges legitimate reports promptly and commits to responsible coordination of remediation activities.
Privacy Policy
Last updated · 15 April 2026
1. Introduction
This Privacy Policy describes how MHNexus Sdn Bhd ("MHNexus", "we", "us") collects, uses, discloses, and protects personal data in connection with this website and the corporate services we provide. This Policy is issued in accordance with the Personal Data Protection Act 2010 (Act 709) of Malaysia and other applicable laws.
2. Scope
This Policy applies to personal data we collect through our public website, business communications, and procurement processes. Personal data processed within client healthcare platforms operated by MHNexus is governed by the data processing agreements concluded with the relevant healthcare institution, which is the data controller for such data.
3. Information We Collect
- Contact information you submit voluntarily, such as name, organisation, email address, and telephone number.
- Communication content shared through enquiry forms, email correspondence, or scheduled meetings.
- Technical information automatically collected when you visit our website, including IP address, browser type, device information, referring pages, and timestamps.
4. Purposes of Processing
Personal data is processed for the following purposes: responding to enquiries; managing prospective and existing client relationships; fulfilling contractual obligations; complying with legal and regulatory obligations; ensuring the security and proper functioning of our website; and conducting authorised research and analytics on aggregated, non-identifiable data.
5. Legal Basis
We process personal data on the basis of your consent, the necessity of performing a contract or pre-contractual steps requested by you, compliance with legal obligations, or our legitimate interests in operating and protecting our business, provided such interests are not overridden by your rights.
6. Disclosure of Personal Data
MHNexus does not sell personal data. We may disclose personal data to authorised employees, vetted service providers acting on our behalf under confidentiality obligations, and competent regulatory or law-enforcement authorities where legally required. International transfers, where applicable, are protected by appropriate safeguards.
7. Retention
Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, to comply with legal, regulatory, and contractual obligations, or to establish, exercise, or defend legal claims. When no longer required, personal data is securely deleted or anonymised.
8. Your Rights
Subject to applicable law, you have the right to request access to, correction of, or deletion of your personal data; to limit or object to certain processing; to withdraw consent previously given; and to lodge a complaint with the relevant supervisory authority. Requests may be submitted to the contact below and will be addressed within statutory timeframes.
9. Cookies & Analytics
This website uses a minimal set of functional cookies and may use anonymised analytics to understand usage patterns and improve performance. You may configure your browser to refuse or delete cookies; certain functionality may be affected as a result.
10. Security
MHNexus implements administrative, technical, and physical safeguards designed to protect personal data against unauthorised access, alteration, disclosure, or destruction, in line with our Security Policy.
11. Updates to this Policy
This Policy may be updated from time to time. The "Last updated" date above reflects the most recent revision. Material changes will be communicated through this website or by direct notice where appropriate.