Caretrics processes your clinic's billing and scheduling data to find and recover revenue leaks. No clinical notes. No patient contact info. Here is exactly what we access, how we protect it, and the controls you have.
| Data Category | Details |
|---|---|
| Appointment schedules | Dates, times, practitioner assignments, appointment types, cancellations, no-shows |
| Billing records | Invoice status, amounts, payment dates, outstanding balances, aging |
| Payment and collection data | Payment methods, collection status, write-offs |
| Insurance policy status | Authorization dates, expiry dates, visit limits, policy status |
| Staff schedules and productivity | Hours scheduled, arrived clients, utilization, treatment counts |
| Patient first name + GUID | Recovery Mode only (opt-in). Used solely to assign recovery tasks to staff |
| Data Category | Status |
|---|---|
| Clinical notes | Never accessed, never stored, never transmitted |
| Patient contact info (phone, email, address) | Never accessed |
| Health records or diagnoses | Never accessed |
| Payment card or banking data | Never accessed (Stripe handles payments) |
| Patient photos or documents | Never accessed |
Every clinic controls how patient identity is handled. Select your mode in Settings and change it any time.
Privacy-first operational visibility
Patient identifiers are replaced with anonymous references. You see patterns, cohorts, and trends — no individual patient data leaves your clinic.
What you see
“12 patients showing falloff patterns”
Pseudonymized references only
Analytics-only tools claim they never see patient data. That sounds safe — but it means they can't tell you which patients to call, which invoices to collect, or whether the money was actually recovered.
The gap between seeing a problem and fixing it is where clinics lose money. Caretrics gives you the choice: start with privacy-max analytics, and enable Recovery Mode when you're ready to act.
| Control | How |
|---|---|
| Choose your data mode | Settings > Recovery > Patient Identity Display |
| See what was synced | Data freshness indicators on every dashboard page |
| Pause or stop extraction | Deactivate the Caretrics staff account in Jane, or pause from Settings |
| Delete your data | Email privacy@caretrics.com or contact support |
| Request a DPA | Available for all plans — email enterprise@caretrics.com |
| Export your data | CSV or JSON export within 5 business days on request |
| Revoke access instantly | Remove the Caretrics staff account from Jane at any time |
| Framework | Status |
|---|---|
| PIPEDA (Canada) | Aligned — appropriate safeguards for commercial data processing |
| PHIPA (Ontario) | Service provider to health information custodians (clinics) |
| CASL | Compliant — express consent for all marketing communications |
| SOC 2 Type II | Infrastructure vendors certified; Caretrics certification targeting 2027 |
Caretrics operates as a service provider to PHIPA health information custodians (the clinics), not as a custodian itself. Clinics retain custodianship of their patient data. Our processing is governed by written agreements that define permitted uses, security obligations, and breach notification requirements.
Our security team is ready to walk through our data handling in detail.
Last updated: April 2026
