Security you can rely on

2,425

Keep your account and electronic patient health information (PHI) safe.

30-day trial. No credit card required. Access all features.
2,425
Katie M. from Austin, TX

Katie M. from Austin, TX

The SimplePractice Security and Privacy Program

Our Security and Privacy Program incorporates all aspects of the platform: people, process, and technology. It is based on HIPAA, HITRUST, NIST-CSF, PCI, ISO 27001/2, and CCPA frameworks. It includes security and privacy controls across 19 different domains, including but not limited to access control, data encryption and privacy, vulnerability management, vendor management, network protection, endpoint protection, risk management, and disaster recovery.

HIPAA-compliant and HITRUST certified

Keep sensitive data safe with an EHR that satisfies both HITRUST and HIPAA security requirements. There are no specific HIPAA certifications an organization can obtain. However, the gold standard to confirm compliance is HITRUST certification. After review by a third-party assessor, SimplePractice received a HITRUST Certification Report by the HITRUST Alliance.

Bank-level security

SimplePractice takes the security of your account information seriously. Multiple layers of encryption are used to protect your data while it is stored or transmitted electronically. PCI-level controls are implemented to ensure that the information you process is equivalent or better than some financial institutions.

Bank-level security lets you focus on client care

Secure servers, monitored 24/7

Physical security is an important component to protect your data. Our platform servers are housed in a facility protected by proximity readers, biometric scanners, and security guards 24/7, 365 days a year.

SimplePractice's servers are monitored 24/7

Constantly tested to be
hack-proof

We hack our own site—running thousands of tests, scanning our ports, and protecting against cross-site scripting. In addition, we partner with external security firms to assess our platforms’ with an unbiased neutral approach.

White-hat hacking helps SimplePractice to maintain the best-in-class security

All-in-one

“From booking appointments through my website, hosting video appointments with clients, and billing and collecting payments, SimplePractice takes care of my private practice every step of the way.”

— Jamie M. from Los Angeles, CA

Jamie M. from Los Angeles, CA

Online Booking

“If people can't book you without talking to you, you're not open for business. And SimplePractice helps with that. You can make an appointment and never have left your couch.”

— Donna O. from Washington D.C.

Donna O. from Washington D.C.

Insurance

“The features I love: easy scheduling for patients, secure messaging, automatic invoice generation, note storage, and Telehealth. No other physical therapy compatible platform offers this much while being able to handle insurance.”

— Katie M. from Everett, WA

Katie M. from Everett, WA

Group Practice

“If you are thinking about a group practice, I would say get your electronic records system in place and comfortable with it. SimplePractice has been great for operating our practice.”

— Dr. Lisa H. from Tacoma, WA

Dr. Lisa H. from Tacoma, WA

User-friendly

“SimplePractice has been the best decision for my private practice as a Dietitian. It's extremely user-friendly and budget-friendly. It seems too good to be true, and I would highly recommend it to anyone.”

— Marisa M. from Rolling Hills Estates, CA

Marisa M. from Rolling Hills Estates, CA

96%

practitioner
satisfaction

Frequently asked questions

Here are some commonly asked questions, or read all FAQs.

Is SimplePractice compliant with HIPAA’s security and privacy policies?

Yes, we take your data security seriously. Our security page contains everything about what we do to ensure the safety and integrity of your data.

Is SimplePractice HIPAA-compliant?

Yes, we meet or exceed all the requirements of HIPAA as a business associate, including the Business Associate Agreement (BAA) in which SimplePractice agrees to be responsible for keeping all client information private and to immediately report any breach of personal health information.

Do you have a Business Associate Agreement?

Yes. By signing up for a free, 30-day trial, you agree to our Business Associate Agreement.

Read all FAQs

Be the best version of your (business) self

Be the best version of your (business) self

webinars

20 Essential Telehealth Tips for Your Virtual Practice
calculators

Can Your EHR Pass This Test?
eBooks

A Clinician’s Guide to Bookkeeping in Private Practice
webinars

The Secrets to Opening and Managing Your Private Practice
eBooks

How to Start a Private Practice on the Side
guides

Make What You’re Worth: How to Set Your Rates in Private Practice

Explore our other features

Manage and grow your private practice, all in one place.

Free 30-day trial. No contracts. Change anytime. Tax deductible.

Start My Free Trial
No credit card needed
Access all features
HIPAA-compliant