I’m aware that it’s impossible to run a HIPAA compliant app in adalo, however, there are clear ways to to avoid hipaa whataoever by breaking the connection between client and patient private data.
If I allow a doctor to sign a user up and have them pooled togeteher, that is not hipaa compliant with adalo. That being said, if I have a doctor sign the user up as a “regular user” (completely un-tied to the doctor in question) than it bypasses hipaa compliancy.
My question is this: If I have a doctor sign up a user on their phones and have a CUSTOM ACTION send an email through sendgrid transacitonal emails, will it still bypass HIPAA? In other words, will anything tie the doctor and the new ungrouped user together in the custom action side / is there a record of custom actions and requests in adalo’s database
As far as I know right now, there is no way for me or anyone else to see who the sendgrid transactional emails are sent to, so it would be on the adalo side.