Everything you need to know about how WattleLink works, where your data lives and how we keep it safe. Can't find what you're after? Get in touch.
WattleLink is a medical affairs intelligence platform built specifically for Australian pharmaceutical teams. It replaces the mix of spreadsheets, shared drives and email threads that most teams rely on to manage published evidence, generate claims, track safety signals and coordinate KOL relationships.
The core of the product is a governed pipeline that takes a paper from initial literature search all the way through quality assessment, structured summarisation, AI-assisted claim drafting and human approval. Every step requires human sign-off. The AI assists and drafts; your team decides.
WattleLink is built for medical affairs teams at pharmaceutical and biotechnology companies operating in Australia. Medical Science Liaisons, Medical Affairs Managers and their leadership are the primary users of the pipeline and intelligence modules.
Commercial teams also have a read-only view of approved content, so marketing and sales colleagues can access confirmed summaries and approved claims without ever seeing draft or unapproved material.
No. WattleLink is a workflow tool, not a medical device. It does not generate clinical recommendations, diagnose conditions or provide advice that reaches patients. It is a productivity and governance platform for medical affairs professionals who are responsible for managing evidence and producing compliant claims.
Mandatory human approval is built into every step of the process. AI output is always clearly labelled as a draft and cannot be published or shared without an authorised reviewer signing off on it.
Papers move through four governed stages: Search and Ingest, Quality Assessment, Summaries, and Core Claims. Each stage has its own tools and each requires explicit human sign-off before a paper moves forward.
Search and Ingest connects directly to PubMed. You can run Boolean queries with AI-assisted term suggestions, and open-access papers are fetched automatically. Paywalled papers can be uploaded as PDFs.
Quality Assessment applies Cochrane GRADE methodology and Risk of Bias scoring. The AI pre-fills assessments based on the full text; a reviewer confirms or adjusts each field before it is locked.
Summaries produce a structured findings table and an executive paragraph, both anchored to specific passages in the source PDF with page references included.
Core Claims are AI-drafted from the confirmed summary and then go through an Approve, Edit or Reject workflow. Every claim must have a fair balance pairing. Claims cannot be approved without one.
Yes. If a paper is not open access, you can upload the PDF directly from your institution's licensed copy. WattleLink will extract the full text and process it through the pipeline in the same way as automatically fetched papers.
The original source file is never modified and remains intact for audit and legal purposes.
No. This is a hard rule baked into the product. AI output is always labelled as a draft. A qualified reviewer must explicitly approve each claim before it can be exported or shared. The system will not allow an AI draft to leave the platform without human sign-off.
The AI assists by drafting claim text, pre-filling quality assessments and suggesting relevant literature. Every one of those suggestions requires a human to confirm, edit or reject it. The distinction between "AI suggested" and "human approved" is preserved throughout the audit trail.
All data is stored in the AWS Sydney region (ap-southeast-2). This covers your database, uploaded PDFs, processed documents and all file attachments. Nothing leaves Australian jurisdiction unless your organisation explicitly configures a different region, which we would discuss with you directly before enabling.
We chose AWS Sydney because it meets the data residency expectations of Australian pharmaceutical organisations and aligns with the TGA's guidance on digital health infrastructure.
Data is encrypted in transit using TLS 1.2 or higher and encrypted at rest using AES-256. Uploaded PDFs and attachments are stored in private S3 buckets with no public access. Access to those files requires authenticated, time-limited signed URLs generated by the application.
The application itself runs in a private VPC. Database access is restricted to the application layer and is not publicly reachable. Regular automated backups are taken and stored in a separate AWS region as a disaster recovery measure.
No. WattleLink is a multi-tenant platform, meaning each organisation has its own isolated workspace. Tenant isolation is enforced at the database query level, not just the application layer. Every query is automatically scoped to your organisation's data and there is no mechanism for one tenant's data to be visible to another.
We do not use your data to train AI models or share it with third parties for any purpose other than operating the service. The AI features are powered by the Anthropic API and your content is subject to Anthropic's enterprise data handling terms, which do not permit training on customer data.
Access is role-based. Medical Affairs users have full access to the pipeline, intelligence modules, and all draft and approved content. Commercial users have a read-only view that shows only content confirmed by Medical Affairs. They cannot see AI drafts, papers in progress, or anything pending review. Administrators manage team members, roles and workspace settings.
This separation is enforced at the view level and the database query level. Commercial users cannot reach draft content even by manipulating URLs or API calls.
Every create, update, approval, rejection and export action is recorded with a timestamp, the user who performed it, and a snapshot of the record's state before and after the change. The audit log is append-only. Records cannot be edited or deleted, and a database level rule prevents any application code from overwriting past entries.
This means if you are ever asked to demonstrate that a claim was approved by a qualified reviewer at a specific point in time, or to show the full edit history of a summary, that information is always available and reconstruction-ready.
Yes, but with full version control. If a claim needs to be updated after approval, a new version is created. The previous approved version is retained in full and remains visible in the version history. You will always be able to see what was approved, who approved it and when, and what changed in subsequent versions.
This approach means there is no silent editing of approved content. Every change creates a traceable record.
SAML SSO is on the roadmap and is available to enterprise customers by arrangement. If your organisation uses Okta, Azure AD or another SAML identity provider and SSO is a requirement for your security team, please get in touch and we will work through the configuration with you.
In the meantime, WattleLink supports email and password authentication with optional social login. Invited users set their own passwords via a secure token link and there is no ability to sign up without an explicit invitation from a workspace administrator.