HIPAA Compliance Statement

At Mend U, protecting patient privacy and maintaining the security of health information is foundational to our mission. We are a HIPAA-compliant vendor that provides automated, surgeon-approved education via text messages to help patients recover better and faster—on behalf of their care providers.

We recognize that as a healthcare organization, your reputation, compliance obligations, and patient trust are paramount. That’s why Mend U is designed from the ground up with security, privacy, and regulatory compliance at the core.

Our Commitment to HIPAA Compliance

We operate as a HIPAA-compliant Business Associate.
Mend U enters into Business Associate Agreements (BAAs) with every Covered Entity we serve. We also maintain signed BAAs with all of our technology partners (such as cloud providers and SMS platforms) ensuring that all parties involved in data transmission and storage are fully HIPAA-compliant.

PHI is protected through industry best practices.
We collect and use protected health information (PHI) solely for the purpose of delivering just-in-time education and guidance on behalf of care teams. All PHI is encrypted in transit and at rest. Access is tightly controlled and monitored in accordance with the HIPAA Security Rule.

We obtain appropriate patient consent.
Patients explicitly opt-in to receive messages through secure and compliant onboarding flows (such as scanning a QR code and sending an opt-in message). This ensures informed consent and full transparency regarding the nature and frequency of communication.

We ensure administrative, technical, and physical safeguards.
Our internal compliance process includes staff training on HIPAA requirements, strict access controls, system logging, and continuous improvement to align with evolving standards.

We serve as an extension of your care.
By working directly with providers, Mend U ensures that all messaging is aligned with your medical guidance, educational standards, and recovery protocols. Our platform augments your team's ability to educate and support patients—without increasing staff burden or introducing compliance risk.

We welcome security reviews, provide documentation upon request, and are happy to collaborate with your compliance team to support onboarding and vendor due diligence.

For more details, please refer to our Privacy Policy and Terms of Service, or contact us directly at hello@mendu.ai.


© 2025 Mend U. All Rights Reserved.
Terms Of Service | Privacy