1. Synapxe, on behalf of the Public Healthcare entities in Singapore, has embarked on a Vulnerability Disclosure Programme (VDP). The programme is part of our continuous effort to proactively discover and remediate security vulnerabilities in our public healthcare digital assets before they are exploited by malicious threat actors.
2. We encourage participants to responsibly report suspected vulnerabilities or weaknesses in Synapxe’s and/or public healthcare entities’ IT services, systems and websites, without contravening all applicable laws and regulations (e.g., Computer Misuse Act, etc.).
3. For the avoidance of doubt, attempts to exploit or test vulnerabilities (e.g., gaining unauthorised access to any computer programme or data) is prohibited.
4. Participation in the programme is voluntary and is subject to the terms and conditions of this VDP as described in the VDP policy page. By submitting a report, you acknowledge and agree to these terms and conditions.

Do note, we will not provide any cash reward or financial incentive of any kind for the reported & validated vulnerability.

We reserve the right to amend any part of this page at any time at our sole and absolute discretion without any advance notice. Your participation and continued participation in the VDP constitutes your acknowledgement and acceptance of the amendments.