<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
  <url>
    <loc>https://www.matthewratcliffe.com.au/</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/resume</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/building-ai-products-for-sensitive-data</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/why-i-deploy-shared-aws-infrastructure-this-way</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/ai-agents-vs-chatbots</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/configuration-over-custom-code</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/offline-sync-is-a-business-process-not-just-a-technical-feature</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/security-lessons-from-building-software-for-sensitive-information</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/what-makes-an-enterprise-api-easy-to-test</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/hl7-v2-isnt-broken-so-why-replace-it</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/understanding-adt-orm-mfn-dft-siu-and-oru-messages-without-the-jargon</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/a-practical-way-to-build-and-maintain-a-technical-debt-register</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/why-front-end-security-checks-do-not-protect-your-api</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/how-to-break-a-large-enterprise-product-into-deliverable-technical-stories</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/cursor-pagination-why-previous-page-is-harder-than-it-looks</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/authenticatio-is-not-authorisation</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/authentication-is-not-authorisation-the-mistake-that-exposes-entire-organisations</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/designing-software-around-operational-reality-not-the-happy-path</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/device-authentication-vs-user-authentication-in-enterprise-mobile-apps</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/from-business-workflow-to-software-architecture</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/fhir-vs-hl7-why-the-future-is-taking-decades</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/the-danger-of-treating-a-missing-role-as-full-access</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/designing-mobile-business-applications-that-still-work-when-the-network-does-not</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/designing-apis-for-barcode-driven-workflows</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/the-hidden-value-of-mapping-technical-stories-back-to-business-workflows</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/why-you-should-document-your-current-architecture-before-designing-the-future</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/why-request-response-apis-eventually-need-events-and-background-processing</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/why-enterprise-architecture-diagrams-become-outdated-and-how-to-prevent-it</loc>
  </url>
  <url>
    <loc>https://www.matthewratcliffe.com.au/blog/how-to-pen-test-a-multi-tenant-saas-application</loc>
  </url>
</urlset>
