Branded form preview with practice name, practitioner, AHPRA registration, and region.
Type-aware rendering for all 9 question types: short text, paragraph, single choice, multiple choice, dropdown, scale, date, consent checkbox, and signature.
Australian Privacy Act 1988 compliance: APP 5 collection notice and APP 7 granular per-statement checkbox consent.
Typed-name signature field as the final question of every generated form.
Fail-safe AHPRA compliance verification: parse failures now flag the form for manual review rather than defaulting to “compliant”.
Shared canonical form schema with the FormIQ Wix and self-hosted apps — same UX everywhere.
1.2.0
Security: Upgraded API key storage from AES-256-CBC to AES-256-GCM (authenticated encryption)
Security: Added SSRF protection on admin-configurable API URL (blocks RFC 1918, loopback, metadata IPs)
Security: Disabled HTTP redirect following in API client to prevent redirect-based SSRF
Security: Added per-user rate limiting on form generation (10 requests/minute)
Security: capped customInstructions at 1000 characters with sanitisation
Security: Generic error messages returned to clients (raw upstream errors logged server-side only)
1.1.4
Improved AHPRA compliance detection accuracy
Added DVA and Medicare field support in custom instructions
UI copy improvements
1.1.0
Added job-based async generation with real-time progress
Added AHPRA compliance flag and compliance notes
Added form preview with field-level rendering
1.0.0
Initial release — AI form generation for 7 allied health specialties
