HIPPA & PCI Compliant Software

At Pearly, practice and patient trust is our #1 priority. We take a rigorous approach to security to ensure HIPAA-compliant handling of protected health information (PHI) and PCI-compliant handling of financial card data.

Security Icon

Patient Information

Patient information is stored on Google Cloud Platform, specifically Firestore and Cloud Storage.

The above Google services employ AES-256 encryption at rest and have completed ISO 27001, ISO 27017, ISO 27018, SOC 1, 2, and 3 certification.

Security Icon

Identity Management

Patient identity data (name, email, password) are managed and stored in the Google Identity Platform.

Google's Identity Platform implements industry-leading encryption (SHA-2) and authentication (OAuth 2.0) standards.

Security Icon

Financial Information

All credit card, debit card, ACH, and other financial data is collected, stored, and processed via Stripe.

Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.

Security Icon


Pearly has countersigned Business Associate's Agreements ("BAA") with Google certifying their compliance with all relevant HIPAA requirements vis-a-vis their data transmission and storage functions.  

We, in turn, offer a Business Associate Addendum to our dental practice customers.

Find out if Pearly is right for your practice.

Book a 1:1 demo with a product expert.

Schedule Free Demo