For patients
Patients self-serve the rights HIPAA gives them. The portal handles all three patient-rights endpoints — most platforms ship one or none.
Sign-in
AWS Cognito with email + password or Google. Auto-link to the existing chart on first sign-in (no duplicate records).
Appointments
Self-book, see upcoming visits, cancel + reschedule with same-day guardrails. Public booking page reads live availability from Google Calendar (free/busy only).
Reminders
Patients pick up to three reminders per appointment from a 6-option lead-time enum (2hr → 2d). Email today, SMS once 10DLC is registered.
Visits & SOAP notes
Read-only access to signed clinical notes. Drafts excluded — they're work product.
Files
Download X-rays, intake PDFs, and any other documents the practice uploaded.
Messages
Two-way thread with the practice. Staff get email notifications; patients get email + SMS.
Exercises
Prescribed exercise list with images/video. Mark today's reps complete; staff see compliance trend.
Payments + invoices
View invoices, pay via Stripe (BAA-exempt for payment processing). Reimbursify widget for out-of-network claims.
§164.524 Right of Access
Download the full record (HTML readable + JSON data) self-service. No 30-day wait, no fee.
§164.526 Right to Amend
Submit amendment requests; track status; file a §164.526(d)(2) statement of disagreement after a denial.
§164.528 Disclosure accounting
See every third-party disclosure (insurance, court orders, public-health) the practice has made on your behalf. Download the formal accounting.
Privacy notice + audit log visibility
Patient sees what the practice tracks, when staff opened their chart, and how they can exercise rights.
For practice staff
The day-to-day workflow. Same software the founder uses in his own clinic — feature parity is non-negotiable.
Schedule
Day/week/month views. Drag to reschedule. Wait list with FIFO matching when cancellations open slots.
Patient charts
Profile, history, appointments, files, messages, exercises, treatment plans, payments — all on one tabbed page.
SOAP notes with dictation
AWS Transcribe (BAA-covered) — record voice, get text. Templates + smart-pick option lists for common findings. Sign locks the note.
Visit notes + charges
Per-visit billing codes, charges, ICD-10 + CPT pickers, exportable as superbill (CMS-1500-shaped).
Documents
Form letters, work excuses, exercise programs, intake confirmations — auto-fired or manual. Per-practice toggles default OFF; clinical/legal templates are manual-only.
Messages + tasks
Inbox of patient messages + per-staff todos. Email/SMS notifications fan out to opted-in staff.
Wait list
Patient signs up for an earlier slot; staff see the queue when cancellations open availability.
Tasks + team chat
Lightweight internal coordination so the practice doesn't need a separate Slack.
For admins (practice owners)
Settings and visibility. The practice owns its data; ChiroFlow owns the operational lift.
Practice details + branding
Logo, hero image, color theme, fonts, custom CSS (sanitized), business hours, services, conditions treated, testimonials.
Public marketing site
Per-tenant subdomain. Editable homepage, services, about, blog, contact form, pricing pages. Six pre-written treatment templates.
SEO + per-page meta
Title, description, canonical, OG, JSON-LD per page. Plus site-wide GA4 + Search Console verification — both scoped to public pages only (HIPAA).
Patient communication automation
Welcome letters, birthday cards, recall — all togglable per practice, all default OFF, all shipped from a Lambda cron.
Email + SMS settings
Booking confirmations, 24h reminders, contact-form auto-reply, staff alerts. PHI never appears in email subjects or SMS bodies.
Staff + roles
Add/remove staff, set role (admin/staff), TOTP MFA self-service. Cognito custom attribute scopes every user to their practice.
Stripe Connect
Direct deposit, payment links, invoices, partial refunds. Server-side description allow-list keeps PHI out of payment metadata.
Reimbursify integration
Patient out-of-network claim widget. Practice maintains its own BAA with Reimbursify; ChiroFlow hosts the widget snippet.
Patient-rights review
Amendment requests, disclosure log — admin reviews and responds with a 60-day clock and one-time 30-day extension per regulation.
For your auditor
The HIPAA + security posture. AWS-managed where it makes sense, application-managed where the regulation demands it.
Single AWS BAA
Cognito, RDS, S3, SES, SNS, CloudFront, Route 53, Lambda, KMS, CloudTrail, GuardDuty, WAF — all under one BAA. Stripe is the lone exception (payment-processor exemption §164.501).
Append-only audit log
Every PHI read and write inserts a row. A Postgres trigger blocks UPDATE/DELETE/TRUNCATE on the table, which defeats both application bugs and accidental psql mutations.
CloudTrail with 6-year Object Lock
Multi-region trail with log-file validation. S3 destination has Object Lock COMPLIANCE mode — even root cannot delete logs before retention expires.
Failed-login monitoring
App-level failed sign-ins (Cognito accepted the credentials but no matching principal exists) plus Cognito-level failures (bad password, locked account), mirrored from CloudTrail into audit_log.
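The two mechanisms above (the practice-scoping custom attribute under "Staff + roles", and the app-level failed-sign-in check here) fit together in one request path. The following is an added illustration, not ChiroFlow's code: it takes already-verified Cognito claims, looks up the matching principal, refuses and audits when none exists or when the token's practice claim disagrees with the stored one, and exposes a scope check for per-practice resources. The attribute name `custom:practice_id`, the event names, and the in-memory user table are assumptions.

```typescript
// Added example (not ChiroFlow's code). Assumes the JWT has already been
// signature-verified; the custom attribute name "custom:practice_id" is assumed.
export interface CognitoClaims {
  sub: string;
  email: string;
  "custom:practice_id"?: string; // assumed attribute name
}

export interface Principal {
  userId: string;
  practiceId: string;
  role: "admin" | "staff" | "patient";
}

export interface AuditRow {
  event: string;
  actor: string;            // Cognito sub or app user id, never a name or email
  practiceId: string | null;
  outcome: "allow" | "deny";
  at: string;
}

// Constructed stand-ins for the users table and the append-only audit_log.
const users = new Map<string, Principal>([
  ["sub-alice", { userId: "u-1", practiceId: "prac-100", role: "staff" }],
  ["sub-bob", { userId: "u-2", practiceId: "prac-200", role: "admin" }],
]);
export const auditLog: AuditRow[] = [];

function audit(row: Omit<AuditRow, "at">, now: () => Date): void {
  // Identifiers only: the audit row must itself be free of PHI.
  auditLog.push({ ...row, at: now().toISOString() });
}

// Resolve verified claims into an application principal, or null.
export function resolvePrincipal(
  claims: CognitoClaims,
  now: () => Date = () => new Date(),
): Principal | null {
  const claimedPractice = claims["custom:practice_id"] ?? null;
  const p = users.get(claims.sub);
  if (!p) {
    // Cognito accepted the credentials, but the app has no matching principal:
    // this is the app-level failed sign-in that goes to audit_log.
    audit({ event: "auth.failed_login", actor: claims.sub, practiceId: claimedPractice, outcome: "deny" }, now);
    return null;
  }
  if (claimedPractice !== p.practiceId) {
    // Token and stored principal disagree on practice: treat as a denial, not a routing hint.
    audit({ event: "auth.practice_mismatch", actor: claims.sub, practiceId: claimedPractice, outcome: "deny" }, now);
    return null;
  }
  audit({ event: "auth.login", actor: claims.sub, practiceId: p.practiceId, outcome: "allow" }, now);
  return p;
}

// Every per-practice resource access passes through this check.
export function assertPracticeScope(
  p: Principal,
  resourcePracticeId: string,
  now: () => Date = () => new Date(),
): boolean {
  const ok = p.practiceId === resourcePracticeId;
  audit({ event: "authz.practice_scope", actor: p.userId, practiceId: resourcePracticeId, outcome: ok ? "allow" : "deny" }, now);
  return ok;
}
```

The practice id is taken from the stored principal, not from the token, once the two have been compared; the token's claim only gates entry. Audit rows carry subs and ids so that the audit log itself never becomes a PHI store.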
PHI-scrubbing log wrapper
All app code routes through lib/log.ts which redacts known PHI keys + sweeps strings for email/phone/SSN. ESLint enforces it.
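As an added example of the wrapper pattern described above (this is not ChiroFlow's `lib/log.ts`), the module below redacts a fixed set of PHI-bearing keys, sweeps every remaining string for SSN, email and phone shapes, flattens `Error` objects so their messages are swept too, and emits one JSON line per call. The key list, the placeholder tags and the sample context object are constructed for illustration.

```typescript
// Added example, not the project's lib/log.ts. PHI key names are assumptions.
const PHI_KEYS = new Set([
  "firstName", "lastName", "dob", "ssn", "email", "phone",
  "address", "diagnosis", "notes",
]);

// Order matters: SSN runs before phone so "123-45-6789" is never half-matched.
const PATTERNS: Array<[RegExp, string]> = [
  [/\b\d{3}-\d{2}-\d{4}\b/g, "[SSN]"],
  [/[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g, "[EMAIL]"],
  [/\b(?:\+?1[-. ]?)?\(?\d{3}\)?[-. ]?\d{3}[-. ]?\d{4}\b/g, "[PHONE]"],
];

// Sweep free text for identifier shapes that slipped past key-based redaction.
export function scrubString(s: string): string {
  let out = s;
  for (const [re, tag] of PATTERNS) out = out.replace(re, tag);
  return out;
}

// Recursively redact known keys and sweep strings; depth cap guards against cycles.
export function scrub(value: unknown, depth = 0): unknown {
  if (depth > 8) return "[DEPTH]";
  if (typeof value === "string") return scrubString(value);
  if (value instanceof Error) {
    // Object.entries(err) is empty, so handle errors explicitly or the message escapes.
    return { name: value.name, message: scrubString(value.message) };
  }
  if (Array.isArray(value)) return value.map((v) => scrub(v, depth + 1));
  if (value !== null && typeof value === "object") {
    const out: Record<string, unknown> = {};
    for (const [k, v] of Object.entries(value as Record<string, unknown>)) {
      out[k] = PHI_KEYS.has(k) ? "[REDACTED]" : scrub(v, depth + 1);
    }
    return out;
  }
  return value; // numbers, booleans, null, undefined pass through
}

// Build the single JSON line that is the only thing allowed to reach stdout.
export function formatLogLine(
  level: "debug" | "info" | "warn" | "error",
  msg: string,
  ctx: Record<string, unknown> = {},
): string {
  const safeCtx = scrub(ctx) as Record<string, unknown>;
  return JSON.stringify({ level, msg: scrubString(msg), ...safeCtx });
}

export const log = {
  info: (msg: string, ctx?: Record<string, unknown>) => console.log(formatLogLine("info", msg, ctx)),
  warn: (msg: string, ctx?: Record<string, unknown>) => console.warn(formatLogLine("warn", msg, ctx)),
  error: (msg: string, ctx?: Record<string, unknown>) => console.error(formatLogLine("error", msg, ctx)),
};
```

To make the wrapper the only exit, an ESLint `no-console` rule over the whole codebase, with a single override that permits `console` inside the wrapper file, is the usual enforcement (an assumption about how the page's "ESLint enforces it" is configured). The regex sweep is a backstop, not the primary control: a name in a free-text field is not pattern-matchable, which is why the key-based redaction comes first.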
Customer-managed KMS
Annual rotation, our key policy. Wired to S3 PatientFiles; RDS rekey scheduled for the next migration window.
VPC Flow Logs + GuardDuty
Network-level forensics + automated threat detection with 15-min finding frequency.
Idle-timeout enforcement
Client-side auto-logout (15 min staff/admin, 30 min patient) per §164.312(a)(2)(iii).
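An added example of the client-side timer this item describes (illustration only, not ChiroFlow's code): the idle budget is chosen by role, any activity resets it, and `check()` fires the logout callback exactly once. The clock is injected so the behaviour can be verified without waiting, and the browser wiring is guarded so the class also runs outside a DOM. The event list and 30-second polling interval are assumptions.

```typescript
// Added example, not the project's code. Limits follow the page: 15 min for
// staff/admin, 30 min for patients.
export type Role = "admin" | "staff" | "patient";

export const IDLE_LIMIT_MS: Record<Role, number> = {
  admin: 15 * 60_000,
  staff: 15 * 60_000,
  patient: 30 * 60_000,
};

export class IdleTimer {
  private lastActivity: number;
  private fired = false;

  constructor(
    private readonly role: Role,
    private readonly onLogout: () => void,
    private readonly now: () => number = () => Date.now(),
  ) {
    this.lastActivity = this.now();
  }

  // Called on user activity; ignored once logout has fired.
  touch(): void {
    if (!this.fired) this.lastActivity = this.now();
  }

  remainingMs(): number {
    return Math.max(0, IDLE_LIMIT_MS[this.role] - (this.now() - this.lastActivity));
  }

  // Returns true once the session has been ended; fires onLogout only once.
  check(): boolean {
    if (this.fired) return true;
    if (this.remainingMs() === 0) {
      this.fired = true;
      this.onLogout();
    }
    return this.fired;
  }
}

// Browser wiring. Uses globalThis so the module loads under Node as well.
export function installIdleLogout(role: Role, logout: () => void): IdleTimer {
  const timer = new IdleTimer(role, logout);
  const g = globalThis as any; // assumed DOM globals when present
  if (g.window && g.document) {
    for (const ev of ["mousemove", "keydown", "click", "touchstart", "scroll"]) {
      g.window.addEventListener(ev, () => timer.touch(), { passive: true });
    }
    g.window.setInterval(() => timer.check(), 30_000);
    // A laptop that slept past the limit is caught on the next tab focus,
    // not 30 seconds later.
    g.document.addEventListener("visibilitychange", () => timer.check());
  }
  return timer;
}
```

The `logout` callback should clear local tokens and navigate to the sign-in page. A client-side timer is a usability and shoulder-surfing control; it does not shorten the lifetime of a token already issued, so the Cognito token validity should be set to match the policy rather than relying on the browser alone.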
Staff TOTP MFA
Self-service enrollment from /admin/security. Cognito enforces MFA at sign-in once enabled.
Every feature listed here is in production at ahpts.com today. No screenshots from a roadmap.