The law
Obligations we work to
Privacy Act 1988 (Cth); Australian Privacy Principles; Notifiable Data Breaches scheme; state health-records legislation where it applies.
Capability statement
Overview
Nitivra is a Perth advisory practice for AI governance and business readiness, serving healthcare and allied-health organisations that are adopting AI under real accountability: to regulators, funders, clients, and their own boards.
We advise; we do not build, host, or operate AI systems for clients, and we take no commission on any tool, licence, or hardware. We are independent of every vendor. Our advice is plain, declarative, and recorded so it survives scrutiny by a board or a regulator.
The practice is principal-led: buyers get senior attention on every engagement, not a consulting bench.
Entity details
Insurance and contract documentation for procurement checks is available on request.
Core capabilities
| Capability | Description |
|---|---|
| AI governance diagnostic | The First-Look: a fast, paid assessment of current AI use, the top risks, and a go or scope recommendation. |
| Readiness baseline | A defensible position on every AI use: use register, defensibility assessment, risk and control register, board-ready record. |
| AI use policy and decision rights | A working policy, an approval path, decision rights, and named controls with named owners. |
| Retained advisory | Quarterly governance review, incident support, and regulatory updates that keep the position current. |
The law
Privacy Act 1988 (Cth); Australian Privacy Principles; Notifiable Data Breaches scheme; state health-records legislation where it applies.
The sectors
Allied-health practices, NDIS providers, aged care, primary care networks, and their compliance, risk, and clinical-governance functions.
The references
Guidance for AI Adoption (National AI Centre); the Voluntary AI Safety Standard it evolves; ISO/IEC 42001; the NIST AI Risk Management Framework.
Founder
Most AI adoption does not fail on the model. It fails on the gap between the people building the tool and the people who have to answer for it. Closing that gap, before the audits and the regulatory tightening, is the work.
Gehe founded Nitivra after eighteen years inside regulated delivery, carrying an assurance discipline since he started his career in audit at Ernst & Young. At Societe Generale he worked on the controls that followed the bank's rogue-trading failure; at Patersons Securities and Canaccord Genuity he drafted the internal policies that met ASIC and ASX market-integrity rules; and at Curtin University he led a federal regulatory data transformation (HEIMS to TCSI) with the Department of Education, governing user acceptance, traceability, and go-live without a critical outage.
He does not only advise on governed AI; he has built it, privately: a privacy-first tool that drafts occupational-therapy reports entirely on local hardware with a clinician reviewing and signing every report, and an on-device analysis model with Australian healthcare regulation engineered in, so his own client work is done without sensitive data leaving a controlled environment.
His lane is governance, risk, and readiness. Clinical decisions stay with clinicians.
Qualifications
How we use AI in delivery
A named accountable person signs every deliverable. No client or sensitive data leaves a privacy-safe, local environment. AI does the legwork; the judgement and the accountability are the founder's.
Engagement
The first conversation is without charge. Most organisations then start with the fixed-fee First-Look diagnostic; its fee credits toward the Baseline. Every engagement runs on a written scope, a fixed fee, and standard terms: confidentiality, privacy under the Privacy Act 1988 (Cth), deliverable ownership on payment, and no lock-in.
Contact