Skip to main content
HIPAA & security

HIPAA & Security Overview

CaelaraHealth HIPAA & Security overview for healthcare practices evaluating the platform.

Last updated: June 20, 2026

This overview is for general evaluation only. It is not legal advice and does not replace your practice's HIPAA policies, legal review, or signed customer agreements.

Our HIPAA Posture

CaelaraHealth is designed to support HIPAA-aligned healthcare operations for practices that need to protect patient information while keeping care workflows usable. No software can make a practice HIPAA-aligned by itself; people, policies, training, agreements, and access decisions matter too.

When GagliTech LLC operates CaelaraHealth for an eligible customer whose workflows involve protected health information, the applicable customer agreement and BAA or HIPAA addendum describe the specific responsibilities.

Product Safeguard Themes

  • Role-aware workspaces for provider, patient, care-team, practice-admin, and internal administration experiences.
  • Portal-first clinical communication so sensitive details are not placed in ordinary public forms.
  • Extra sign-in protection for practice-side users where configured.
  • Audit-aware workflows for sensitive patient and account activity.
  • Minimum-necessary design goals for notifications, support access, and AI draft workflows.
  • Provider review before AI-assisted drafts become patient-facing content or clinical documentation.

Customer Responsibilities

Your practice remains responsible for deciding who receives access, training workforce members, maintaining your own patient notices and policies, reviewing exports and shared materials, and using the platform in a way that matches your legal obligations.

Public beta request notes, website forms, and general support messages should not include patient information.

References

Questions about this page?

Send non-PHI questions through the private beta request path or your established CaelaraHealth contact.

Request early access