HIPAA, handled

The best way to protect patient data? Barely hold any.

applaud is fully HIPAA-compliant — BAA signed with every practice, safeguards enforced in software. But our real advantage is simpler: we were designed to work with almost no data at all. Your clinical records never leave your EHR, because we never ask for them.

Everything we hold
  • A first name
  • A phone number
  • An email address (optional)
  • The date you added them

That's the entire list. Enough to say “Hi Jane, how did your recent visit go?” — and nothing more.

What we never store
  • Diagnoses or conditions
  • Treatments or procedures
  • Visit notes or clinical records
  • Doctor or provider names
  • Appointment details or medical dates
  • Insurance or billing codes

Your EHR stays the system of record. applaud is a contact layer, not a records system.

Compliance that's enforced in software, not promised in a PDF.

A BAA with every practice

Our Business Associate Agreement is built into the same signature as your service agreement — you're covered from day one, before a single message sends.

Clinical language is blocked in software

Every outbound message passes a PHI filter that blocks clinical terms before sending. Messages only ever say “your recent visit” — never why anyone visited.

Conversations don't linger

When a patient's review journey completes, the conversation is purged. We keep the outcome, not the chat log — minimum-necessary by design.

Everything is auditable

Every send, opt-out, and staff action lands in an append-only audit log. Opt-outs are enforced instantly and permanently, and messages respect quiet hours.

What this means for your practice

Because a patient's connection to your practice is itself protected information, we treat everything we touch with HIPAA care — BAA, safeguards, audit trail. But since we never hold clinical data, your exposure from using applaud stays as small as it can possibly be. Compliance isn't a feature we added; it's the shape of the product.

This page is a plain-English summary, not legal advice. The binding detail lives in your BAA & HIPAA terms.