About
A question asked at a dinner table in Chicago, 2015.
Origin
Angie Perrin spent over a decade as a registered dental hygienist and became a Certified HIPAA Consultant — working inside treatment rooms, managing patient records, and watching practice after practice struggle with compliance obligations they barely understood. The gap between what HIPAA required and what practices actually did was not a minor oversight. It was systemic. Most believed a policy binder on the shelf meant they were protected. They were wrong — and increasingly, they were targets.
Joseph Perrin had spent years building secure infrastructure for clinical systems and government healthcare environments — zero-trust architecture, encrypted data handling, real-time threat detection. When Angie described what healthcare practices were doing to “protect” patient data, the answer was almost always: nothing that would survive first contact with an actual attacker. The same threat actors penetrating hospital systems were now pivoting to smaller, undefended practices — and since 2021, attacks on independent providers have risen 6×.²
Alexander Perrin saw the gap for what it was. Twenty years in enterprise technology made the pattern clear: the compliance vendor ecosystem had built strong documentation and training tools, but the security layer — the monitoring, detection, and active defense work — was still missing for independent practices.&sup4; The vendors were solving the audit problem. No one was solving the breach problem.
Patient Protect was the response: a platform that adds operational security on top of the compliance foundation. Real-time monitoring, automated risk assessments, encrypted communication, staff training, and breach simulation — built to work alongside your existing compliance partner or as your standalone solution, starting at $39/month. No contracts.
Leadership
The Clinician
RDH · Certified HIPAA Consultant
“Every practice I worked in had a compliance binder on the shelf. Not one of them could have survived a real audit — and none of them knew it.”
Over 10 years of clinical practice as a registered dental hygienist before moving into compliance strategy. Shaped the platform's risk methodology and anti-checkbox philosophy from direct experience inside the treatment room — not a policy manual.
The Security Architect
Infrastructure Architect
“The same threat actors we built defenses against in government were pivoting to small practices. And nobody had built the wall yet.”
Federal infrastructure background. Designed the platform’s zero-trust architecture, AES-256-GCM session vault, fail2ban intrusion response, SMS 2FA, Altcha challenge layer, and browser-fingerprinting defense — the security stack that protects patient data across every platform module.
The Builder
SaaS Founder
“An entire industry was charging $2,000 a month for annual assessments and generic templates. The practices were paying for a certificate, not protection.”
20 years in enterprise technology. Built the product strategy, market positioning, and growth architecture behind Patient Protect — with the conviction that independent practices deserve real security infrastructure, not paperwork disguised as protection.
No investors. No board. No exit strategy. The name on the platform is the name we go home to.
$9.8M¹
Average healthcare breach cost
6ײ
Increase in attacks on independent providers since 2021
190M³
Patients exposed in Change Healthcare breach
Independent practices are the least defended nodes in America's healthcare infrastructure. When they go down, communities lose access to care.
Compliance that can survive first contact with an actual attacker.
Patient Protect exists to close the cybersecurity gap between what federal agencies use to protect data and what independent healthcare practices can afford.
Timeline
2015
Three family members. One question. Chicago. The work began with custom widgets built for the offices Angie was working in — small tools to close specific compliance gaps the market did not address.
2018
Patient Protect LLC formed. First platform version released in February 2018.
2021
Attacks on independent providers begin their 6× surge.
2024
Secure Care Research Institute publishes its first findings. Change Healthcare breach exposes 190M patients. The industry wakes up.
2025
V2 platform work begins, architected specifically for the 2026 HIPAA Security Rule update.
2026
V2 platform release. The threat is accelerating. The infrastructure gap is widening. We built for this moment on purpose.
What we believe
Compliance documentation and active security are two different disciplines. Most vendors specialize in the first — and that work matters. Patient Protect adds the second: the monitoring, detection, and response infrastructure that lives outside the traditional compliance-vendor scope. Both disciplines are necessary. We focus on the one most practices are still missing.
When compliance software is priced for hospital systems and the independent practice skips it, the practice is unprotected. Patient Protect starts at $39 a month because pricing that excludes the most vulnerable practices is not a viable compliance strategy.
A once-a-year risk assessment does not satisfy HIPAA. Patient Protect runs daily diagnostics, live scoring, and continuous monitoring — because a breach does not wait for your next annual review.
Positioning
The existing compliance vendor market was built around annual documentation cycles, generic policy templates, and pricing that assumes healthcare budgets rather than reflects what the work actually costs. Those vendors solve a documentation problem. We solve the security problem they leave behind.
Customers do not have to choose between us and them. They can run their existing compliance vendor and add Patient Protect to do the operational security work the vendor does not — continuous monitoring, breach simulation, real-time risk scoring, encrypted communication, staff training, and incident response. Or they can replace the documentation layer entirely and run the whole program on Patient Protect for less than most vendors charge for the binder.
Either way, the gap that was leaving independent practices exposed gets closed.
Why it matters
Every practice we protect is someone's medical history staying private. Someone's mental health records staying sealed. Someone's child's dental records staying out of a data broker's hands.
That's what this is actually about.
Secure Care Research Institute
The platform's risk models, scoring methodology, and threat intelligence are grounded in original peer-reviewed research published through the Secure Care Research Institute — including analysis of over 1,400 healthcare breaches and the first published framework for ePHI dark-market valuation.
Explore the research →¹ IBM, Cost of a Data Breach Report 2024. Healthcare sector average.
² HHS Office for Civil Rights breach portal data, 2021–2025. Attack volume against healthcare providers with fewer than 500 employees. Analysis via Secure Care Research Institute.
³ U.S. Department of Health & Human Services, Office for Civil Rights. Change Healthcare / UnitedHealth Group breach notification, figure revised to 190 million affected individuals as of January 2025.
&sup4; Competitor public pricing pages, surveyed 2024–2025. Range reflects Compliancy Group, Abyde, AccountableHQ, and TotalHIPAA published rates for independent practices.
