Healthcare and privacy compliance
AcuClient is designed to support the compliance obligations of licensed and unlicensed wellness professionals in Canada and the United States. Compliance is a shared responsibility: Effect Wellness Inc. provides the infrastructure, controls, and documentation; you configure and use the service in line with your professional and legal duties.
Business Associate Agreement
A Business Associate Agreement is in place with our primary data processor, Supabase. This covers the handling of protected health information (PHI) where AcuClient is used by US-based practitioners. A BAA between you and Effect Wellness Inc. is available on paid plans — contact us to request one.
Current posture — honest version
AcuClient is hosted on Supabase infrastructure located in the United States (Oregon). Canadian-region hosting is planned for a future platform upgrade. Consent-tracking, audit-log write paths, and automated data-retention enforcement are all on the active build plan and will ship ahead of or alongside general availability in regulated clinical settings.
We have deliberately avoided claiming “compliant” status on any individual regulation. The pages below describe how AcuClient is designed to support each regulation's requirements and what practitioners should know when making an informed vendor decision.
Regulations we address
How we support HIPAA obligations for US-based practitioners, including our Business Associate Agreement, administrative safeguards, and breach-notification process.
How we handle personal information under Canada's Personal Information Protection and Electronic Documents Act — consent, purpose limitation, access, and correction.
How Effect Wellness Inc. operates as an agent and electronic service provider under Ontario's Personal Health Information Protection Act for health information custodians.
Processors and sub-processors
The processors that touch AcuClient data are listed in our Privacy Policy: Supabase, Stripe, Twilio, Resend, and Google (Gemini). Each is bound by a written data-processing agreement and processes data only as instructed.
Related documentation
- Security overview — encryption, access control, monitoring.
- Privacy Policy — what we collect, how we use it, and your rights.
- Terms of Service — the legal relationship between you and Effect Wellness Inc.
AcuClient is operated by Effect Wellness Inc. For data-protection, privacy, or legal requests, email privacy@effectwellness.com. For general or product questions, use the contact details on our contact page.