Skip to main content

Governance directory

Standards and policy directory

This directory explains the current standards behind GFSA privacy, membership, institution accounts, service delivery, public content, industry data and digital tools. Each item links to the public page where its practical effect can be understood.

What the edition label means

The label identifies the applicable public edition. It is not an outcome guarantee, practitioner licence, regulator replacement or individual professional advice. Material changes create a new edition rather than silently rewriting an earlier acceptance.

Directory coverage

25 current public standards and decisions across seven areas. Exact internal identifiers, historical versions and security or release contracts remain in the protected administrator directory.

Privacy, terms and complaints

Current July 2026 edition

Privacy lifecycle policy

Explains collection, use, retention, rights requests, legal holds and anonymisation boundaries, including annual survey data.

Read the applicable public page →
July 2026 edition

Complaint intake privacy notice

Explains sensitive data, evidence, confidentiality limits and governance use at complaint intake.

Read the applicable public page →

Membership, verification and development

Version 1

Member identity-verification declaration

Records confirmation for minimised identity checks, human review and public-badge boundaries.

Read the applicable public page →
July 2026 edition

Advanced-tier application declaration

Confirms truthful applications, independent review, no guaranteed outcome and minimum public status.

Read the applicable public page →
July 2026 edition

Advanced-tier peer-review standard

Sets reviewer counts, conflict recusals, evidence thresholds, reasons and public-status boundaries.

Read the applicable public page →

Institution accounts and publication

July 2026 edition

Organisation data-controller declaration

Requires accountable data-control, privacy and complaint contacts and confirmation of accuracy.

Read the applicable public page →
July 2026 edition

Organisation team-invitation declaration

Defines invitation purpose, role scope, token lifetime, revocation and invitee responsibilities.

Read the applicable public page →
July 2026 edition

Organisation workspace governance terms

Sets ownership, role permissions, personnel changes, publication boundaries and accountability.

Read the applicable public page →
July 2026 edition

Organisation profile-publication declaration

Confirms authority and accuracy and that publication is not licensing, government recognition or outcome endorsement.

Read the applicable public page →
July 2026 edition

Organisation team-member publication consent

Each member independently chooses whether to appear and can withdraw publication.

Read the applicable public page →
July 2026 edition

Organisation case de-identification declaration

Requires a lawful source, adequate de-identification, no outcome guarantee and independent human review.

Read the applicable public page →

Service provision and delivery

July 2026 edition

Service-provider listing declaration

Confirms no guaranteed outcome, no replacement of regulated or emergency professionals, and data minimisation.

Read the applicable public page →
July 2026 edition

Service informed-consent declaration

Records scope, limitations, fees, cancellation, privacy and referral boundaries before service.

Read the applicable public page →
July 2026 edition

Service delivery and record boundary

Stores only necessary scheduling, consent, status and report metadata, excluding card data and consultation bodies.

Read the applicable public page →

Knowledge, claims and cases

July 2026 edition

Knowledge and public-claims governance standard

Uses allowed, restricted and prohibited rules for terminology, claims, cases and editorial content, with human final decisions.

Read the applicable public page →
July 2026 version 2

Public case-library de-identification standard

Requires generalised time, location, age and context, excludes identifiers and checks combined re-identification risk.

Read the applicable public page →

Annual surveys and aggregate data

July 2026 edition

Annual industry-survey participation consent

Explains voluntary participation, update or withdrawal, controlled choices and non-public individual responses.

Read the applicable public page →
July 2026 edition

Industry-data aggregation and suppression method

Publishes only immutable aggregates passing fixed sample, share, grouping and human-review thresholds.

Read the applicable public page →

Digital tools and public interfaces

July 2026 edition

Human-accountable assisted content-review standard

Deterministic checks provide prompts only; authorised humans own final reasons and decisions.

Read the applicable public page →
July 2026 edition

Public guidance-tool safety boundary

Provides fixed, non-personalised education without storing raw questions, professional advice or outcome guarantees.

Read the applicable public page →
Public API v1

Public read-only API contract

Reuses human-approved public snapshots and provides no writes, account automation, personal advice or tenant administration.

Read the applicable public page →
July 2026 decision

Public API and SaaS architecture decision

Records the small read-only public API and defers multi-tenant, white-label and write-enabled SaaS capabilities.

Read the applicable public page →

Questions, corrections and complaints

Use the privacy policy for data rights, the complaints process for conduct or publication concerns, and the developer documentation for public API details.