HIPAA Security Rule Compliant
ISO 27001 Certified
US-Only Data Centers
448-Bit Encryption
How Chiropractic Practices Store and Protect Patient Data
A busy chiropractic practice generates significant patient data every day – stored across on-premise practice management software, local servers, and workstations.
Unlike general small businesses, chiropractic practices operate under the HIPAA Security Rule as covered entities, which means the data they create is not just operationally critical β it is legally protected health information that requires specific safeguards.
On-premise practice management platforms commonly used in chiropractic β including ChiroTouch installed locally β store all of this data on servers your practice owns and controls.
When those systems go down:
- Appointments cannot be confirmed
- Treatment histories become inaccessible
- Billing halts immediately
SOAP Notes
Patient Intake Records
Billing and Insurance Records
Claims submissions, EOBs, co-pay records, and all financial documentation stored locally and tied to patient care.
Scheduling and Appointment Data
Appointment histories and future bookings stored in your on-premise practice management database.
X-Rays and Diagnostic Imaging
Digital radiographs and diagnostic imaging stored locally in your practice management system or connected on-premise imaging software.
Treatment Plans and Progress Notes
Documented care plans, progress notes, and outcome assessments stored on your local practice server.
Common Backup Risk Scenarios
Standard backup tools copy files without verifying whether those files are
actually complete and usable. CDS scans and verifies every file before storage.
| Scenario | β Without CDS | β With CDS |
|---|---|---|
| Ransomware Attack | Local server and backup both encrypted | Network-isolated archive remains unaffected |
| Corrupt Backup File | Discovered at restore β data unrecoverable | Blocked before storage β never enters archive |
| On-Premise Server Failure | No verified restore path β downtime extends | Clean verified restore restores systems within 24 hours |
| Staff-Initiated Restore | Requires IT vendor β hours of downtime | Admin-trained restore completes in minutes with no IT wait |
| Silent Backup Failure | No monitoring β failure goes undetected | Real-time monitoring triggers anomaly alerts instantly |
| Multi-Location Data Loss | Each locationβs server exposed independently | Centralized backup protects all locations under one system |
How CDS Backup Works With
Chiropractic Practice
CDS is built for practices without a dedicated IT team. The entire backup
environment – scheduling, monitoring, verification, and recovery – is managed by
CDS, so your staff stays focused on patient care.
Pre-Storage Verification
Every file scanned and confirmed clean before entering your archive. Corrupt local database files are blocked β not stored.
On-Premise System Backup
CDS backs up your local servers and workstations directly β configured around your specific on-premise practice management setup.
Ransomware Isolation
Fully network-isolated archive β completely out of reach of ransomware targeting your local practice systems.
448-Bit Encryption
All data encrypted in transit and at rest, exceeding minimum technical safeguard standards for PHI.
US-Only Data Centers
Patient data stored in CDS-owned US data centers only. No shared cloud, no third-party exposure.
Real-Time Monitoring
Continuous monitoring of your backup environment detects failures before they become a practice crisis.
Staff Restore Training
Front desk and admin staff trained to restore files from your on-premise backup independently β no IT vendor waits.
Compliance Documentation
Verification logs and compliance reports available on demand for audits and risk assessments.
Meet Compliance Requirements Without Added Complexity
Chiropractic practices are covered entities under HIPAA. The backup environment protecting your patient records must meet specific legal requirements β documentation, vendor accountability, and technical safeguards.
CDS handles all of this as a built-in part of the platform. Many chiropractic practices are unknowingly out of compliance because their backup vendor never signed a BAA.
CDS signs a BAA with every practice at onboarding, as standard.
Business Associate Agreement (BAA) signed at onboarding β as standard - 448-bit encryption satisfying transmission and storage security requirements
- Access-controlled restore processes meeting HIPAA access control rules
- Full audit trail logging built into the platform
- ISO 27001 certification β independently verified by a third-party auditor
- Audit-ready reporting generated on demand for compliance reviews
Business Associate Agreement (BAA)
Any vendor that stores or accesses your patient records must sign a BAA. Many chiropractic practices are unknowingly out of compliance because their backup vendor never signed one. CDS signs a BAA with every chiropractic practice at onboarding, as standard.
ISO 27001 Certification
CDS holds ISO 27001 certification, independently verified by a third-party auditor. For chiropractic practices that need to demonstrate data security to insurers or partners, this provides documented, internationally recognized evidence.
Audit-Ready Reporting
CDS generates verification logs and compliance reports on demand, so your practice is never scrambling for documentation when a compliance review arrives.
Flat-Rate Pricing for
Chiropractic Practice
Unison by CDS is available monthly or annually β with everything
your practice needs included. No hidden fees. No surprise renewals.
Pay Month to Month
Unison Monthly Plan
Full access to CDS backup, monitoring, and support. Flexible billing with no long-term commitment required.
Best Value for Your Practice
Unison Annual Plan
Everything in the monthly plan, billed annually. The most cost-effective way to keep your practice fully protected year-round.
Not Sure Which Plan Fits Your Practice?
Schedule a quick install call and CDS will walk you through the right setup for your on-premise systems and clinic size.
Frequently Asked Questions
Our practice uses ChiroTouch installed on our own server - does CDS back that up?
Yes. CDS backs up on-premise systems directly, including ChiroTouch running on your local server.
During onboarding, CDS configures your backup environment around your specific server setup – your SOAP notes, patient records, billing, and scheduling are all covered automatically without changing how your team uses ChiroTouch day to day.
Note that CDS backs up locally installed, on-premise systems β not cloud-hosted software subscriptions.
We have two clinic locations each with their own server. Can CDS cover both?
Yes. CDS scales across multiple locations and on-premise server environments without requiring separate contracts.
Each locationβs local server is backed up independently and managed centrally β giving you consistent protection and compliance documentation across all sites without having to coordinate separate backup solutions per location.
Our practice management software is cloud-hosted. Can CDS still help us?
CDS specializes in backing up on-premise systems β local servers, workstations, and locally stored data.If your practice management platform is fully cloud-hosted, your vendor manages that data.
However, most chiropractic practices still have locally stored data that needs protection, including digital X-rays and imaging stored on local workstations, locally exported billing records, and any data sitting on an office server or desktop.
CDS protects all of that on-premise data even if your primary practice management software is cloud-based.
What happens if our front desk needs to restore a patient file during a busy clinic day?
CDS includes file restore training for your front desk and admin staff at onboarding.
Your team is trained to restore files from your on-premise backup independently β no IT vendor response required.
For a chiropractic practice where every appointment slot matters, that ability to recover quickly without external dependencies is a significant operational advantage.
How does CDS handle our locally stored X-rays and imaging files?
Digital radiographs and imaging files stored on your local server or imaging workstation are backed up as part of your overall on-premise backup environment.
All imaging files go through the same pre-storage verification as your clinical and billing records – so you are never restoring a corrupt or incomplete image file after a server failure or ransomware event.
Our current backup vendor has not signed a BAA with us. Is that a problem?
Yes. Any vendor storing or accessing your patient records is a Business Associate and must have a signed BAA.
The absence of one is a compliance violation regardless of whether a breach has occurred.CDS signs a BAA with every practice as a standard step in onboarding.
How can a private practice recover from a ransomware attack?
The key is restoring clean, uncompromised data. CDS scans every backup for ransomware or hidden threats before itβs restored, ensuring you donβt reinfect your systems. Our clean recovery assurance and 24/7 support help your practice recover quickly, protect patient trust, and meet HIPAA requirements.