Sarasota Medical Pregnancy Center

A connected, compliant system: the plan

Your programs in one view. Compliant communication. Less manual work, not more.

What we heard on our visit

Strong programs running on systems that do not talk to each other

One client, three records

A client is set up and documented separately in eClinicalWorks, SimplePractice, and eKYROS. No single place to see the whole journey.

The billable-hours gap

Roughly 2 of 8 hours a day are billable, driven by duplicate documentation. The board wants a capacity number leadership cannot readily produce.

Communication that is not compliant where it counts

No clean, HIPAA-safe way to text reminders, due-date follow-ups, or class nudges.

Journey drop-off

About 80% of medical clients reach behavioral health; about 30% of those reach education. Clients do not see everything available to them.

The goal

One central place that wraps your existing systems

A case manager sees the whole client journey, communication is automated and compliant, and the work gets removed, not duplicated.

eClinicalWorks
Medical
SimplePractice
Behavioral health
eKYROS + BrightCourse
Education + points
One central client-management view
The whole journey in one place - automated, compliant communication
The one rule that governs everything: it has to eliminate tasks, not add them - and it has to be HIPAA compliant.
The recommended setup

Your own system, set up the right way

We recommend standing up SMPC with its own dedicated platform account, then activating the HIPAA compliance module on it. Your account, your data.

SMPC's own platform account - HIPAA module activated
Your secure client sub-account
All client data lives here, inside your compliant environment

You own it

The account is SMPC's. Your data stays yours and stays portable - you are never locked in.

We administer it

Jess and Michael's team work as admins to build and support it, with least-privilege access and required MFA.

Compliant by design

The HIPAA module plus signed agreements (BAAs) keep client data protected from day one.

How it stays compliant

Built to meet your security and HIPAA requirements

HIPAA module + agreements

The platform's HIPAA module is activated and a BAA is signed, so client data, messaging, and call records are covered. We also sign a BAA with SMPC.

Controlled access

Least-privilege admin roles, required MFA (multi-factor login), and a clear list of who has access. You and your security partner control it.

Compliant communication channels

Text, email, and calls run on the platform's compliant channels, with minimum-necessary content and opt-out built in.

Safe data movement

Data moves between systems by scheduled, controlled export and import - not risky live connections. No clinical detail where it does not belong.

Ryan stays in the loop. We build to the encryption, access, and logging standards your security partner sets, and confirm vendor agreements before any data moves.
The plan

Four phases - migration first, then your choice

1

Foundation + migration

Stand up your account, activate HIPAA, and migrate. The required first step.

Start here
2

Client journey design

Map your full client journey into a designed, buildable plan.

Next
3

System data discovery

Confirm how we get data out of each system. Choose which and how many.

Selective
4

Implementation

Build the journeys, automations, and processes.

Scoped after 2-3
Each phase stands on its own. You are never committed beyond the step you approve.
Phase 1 - start here

Foundation and migration

What we do

Set up SMPC's own platform account and secure sub-account, activate the HIPAA module, sign the agreements, switch on compliant communication channels, then migrate the work already built and verify everything runs.

Why first

Until this is in place, no client-identifying data can live in the system or move by text or email. Once it is on, you can immediately run compliant intakes and post-visit messaging.

This is the foundation everything else sits on. It is also the one step we can price firmly today.
Phase 2

Design the client journey

A working session, on site, that turns your journey into a designed system.

What we do

Sit with your team and case managers and map the full journey - from a client's first touch through medical, behavioral health, education, and ongoing support, to the point they graduate. Who does what, what each role needs to see, what triggers communication at each step.

What you get

A documented, case-manager-centered client journey plus the plan that implements it. We can begin building the parts that use data you already have (non-clinical: web forms, class registration).

Phase 2 - the deliverable

What a designed client journey looks like

Illustrative example - we design yours with your team, in your words
First contact
Inquiry & intake
CommunicationWelcome text, intake form, first appointment booked
Medical
Clinical care
CommunicationAppointment reminders, post-visit follow-up, next-step nudge
Behavioral health
Counseling
CommunicationWarm handoff, session reminders, check-ins
Education
Classes & points
CommunicationClass invites, attendance nudges, points and rewards updates
Ongoing support
Stay connected
CommunicationMilestone check-ins, resources, graduation celebration
Every step visible to the case manager in one place - every message automated, on-brand, and compliant
Phase 3 - selective

System-by-system data discovery

Each system holds part of the picture and gives up its data differently. Each gets a short, focused session - about a day with the person who lives in it.

SystemAreaWhat we confirm
eClinicalWorksMedicalHow to export the data we need and feed it in cleanly
SimplePracticeBehavioral healthThe periodic export path (no live connection available)
eKYROS + BrightCourseEducation + pointsWhat can be exported and how points and attendance flow
Pick one system to bring in first, or just one, period. Each is independent and sequenced by what matters most to you.
Phase 4

Implementation

What we build

The pipelines, automations, communication sequences, point tracking, and the written processes for each type of care - using the designed journey and the confirmed data paths from the earlier phases.

Why last

We can only build what we have designed and confirmed we can feed. Scope and price come directly out of Phases 2 and 3, so we do those first to price this honestly.

End state: a compliant system, a designed client journey, written processes for each type of care, and the automations that run them - with data flowing in as efficiently as each system allows.
Investment

What each phase runs

PhaseWhat it coversEstimated cost
1. Foundation + migration Fixed feeYour account + HIPAA module + migrate your work$3,500
2. Client journey design Fixed feeOn-site session + designed client journey$2,500
3. System data discovery Fixed fee~1 day per system - choose which and how many$1,800 each
4. Build-out Est. - fixed after discoveryImplement the journey + automations - up to 6 months$12,000 - $30,000
Discovery, all three systems (Phases 1-3)$11,400 fixed
Your platform subscription: about $594/month (your own HIPAA-enabled account), billed to SMPC. This is what keeps your environment compliant long term.
Phases 1-3 are fixed fees. Build-out is a planning estimate, fixed-quoted once discovery is done, delivered over up to six months. You can phase the work or include fewer systems to fit the budget. For board review and approval of approach - a detailed statement of work follows as discovery confirms scope.
Timeline

A phased rollout over up to six months

Month 1
Month 2
Month 3
Month 4
Month 5
Month 6
Phase 1 - Foundation + migrationFixed fee
~3 wks
Phase 2 - Journey designFixed fee
~3 wks
Phase 3 - System discoveryFixed fee, per system
~1 day each
Phase 4 - Build-outEstimate, fixed after discovery
iterative, up to ~4-5 months
Your compliant platform is live from week one - value starts early, and each phase builds on the last
Before we begin

What we need from your team to start

From SMPC leadership

  • Share your current HIPAA documentation we can work from - your Security Risk Assessment, written privacy and security policies, and breach-response plan
  • Provide your BAA for us to sign, so we are covered for this work
  • A list of points of contact for the key areas - leadership, privacy and security, and each system
  • Tell us if you are evaluating a new EMR, so we design for portability

From Ryan (your security partner)

  • The encryption, login, access, logging, and hosting standards we must meet to connect
  • Which vendor agreements (BAAs) you already hold
  • Who owns breach notification once we are in the data path
On patient communication: share any communication policy or legal guidance you already have, so we build within it. Where messaging touches Florida minor-consent or reproductive-health rules, we confirm your attorney's sign-off before it goes live.
If we move forward

How we start

1

Short questionnaire

We send a quick questionnaire to confirm covered-entity status, agreements, and system access - so nothing stalls later.

2

Schedule the work

We set dates. Migration is the first step, then journey design, then the systems you choose - in priority order.

3

Go, one step at a time

Each phase delivers something usable. You approve and pay phase by phase, never ahead of where you are.

Your data, your account, your pace. We administer and build; you stay in control.
Next step

Approve the start and we begin with migration

From there, every phase is your choice, sequenced by what matters most to you.