HealthDash· Health Commerce
CapabilitiesComplianceWhite-labelPricingContact
Sign inRequest access

§ 01Compliance-first health commerce

Healthcare commerce,
built with the precision of a clinic.

HealthDash is the operating backbone for peptide labs, supplement brands, and wellness clinics. Inventory, ordering, and customer records — wired into HIPAA-track infrastructure from day one.

Request a private demoHow HealthDash works→

Compliance Ledger

  • DigitalOcean BAAOn file
  • TLS / sslmode=requireEnforced
  • Field-level encryptionActive
  • Audit log retention6 years
  • Access reviewsQuarterly

Sample order

Verified

Product line
variant

Lot
—
Strength
—
Rx by
—
Ship state
—
BAA-signed hosting
Field-level encryption
Immutable audit logs
HIPAA-track roadmap

§ 02Built for the products you sell

Health products carry rules.
Your platform should too.

Peptides, compounded medications, and supplements aren't standard e-commerce SKUs. HealthDash treats them like clinical inventory: lot-tracked, state-gated, prescription-aware, and recall-ready.

Peptides & compounded

Lot/batch tracking, sterile-fill metadata, expiry windows, prescriber on file, state-by-state shipping rules.

503A / 503B aware

Supplements & nutraceuticals

Subscription refills, multi-strength variants, FDA disclaimers wired into product pages, ingredient sheets.

GMP-friendly

Telewellness & clinic-direct

Healthie integration, intake-to-order linking, clinician-specific catalogs, encrypted notes per record.

Healthie-ready

Recovery, IV & wellness

In-clinic POS for protocols, customer chart-of-services, location-scoped inventory and reporting.

Multi-location

§ 03Capabilities

Everything a regulated brand needs. Nothing it doesn't.

Sixteen modules out of the box. Every one of them assumes the data they touch may be PHI, and acts accordingly.

01

Lot & batch tracking

Per-lot expiry, recall paths, and chain-of-custody on every unit.

02

Regulated-product gating

Block by state, age, or required prescription before checkout.

03

Doctor / Healthie sync

Pull authorizations, push fulfillment status, link orders to charts.

04

Encrypted customer records

Field-level encryption with rotated keys; safe to store identifiers.

05

Subscriptions & refills

Refill schedules tied to authorizations, with auto-pause on expiry.

06

Sterile-fill ready

Capture compounding metadata and ship docs with every order.

07

Immutable audit log

Every read, write, and admin action retained six years.

08

Multi-location inventory

Stock pooled or scoped by clinic, with location-specific reporting.

09

BAA & vendor registry

Track every subprocessor, BAA status, and renewal date in one place.

§ 04Compliance posture

Compliance is product,
not paperwork.

We won't pretend HealthDash is HIPAA-certified — no SaaS truthfully is. What we will say: every architectural decision was made on the HIPAA-track. BAA-covered hosting, encrypted at rest and in transit, least-privilege access, and audit logs that survive a breach investigation.

Read our compliance brief
  • 01 · Hosting

    DigitalOcean — BAA on file. Managed Postgres, Spaces, and Valkey assigned to a dedicated HealthDash project.

    Active
  • 02 · Encryption

    TLS in transit (sslmode=require, rediss://). Fernet keyring at the column level for PHI-bearing fields.

    Active
  • 03 · Access control

    RBAC with org scoping; cross-tenant reads structurally impossible. MFA + automatic session timeout planned.

    Phase 2
  • 04 · Audit logging

    Append-only log of authentication, ePHI reads/writes, and admin actions — 6-year retention.

    Phase 2
  • 05 · Risk assessment

    Annual NIST 800-30 review with documented data flows, threats, and mitigations per HIPAA §164.308.

    Phase 3
  • 06 · Breach response

    Documented escalation, 24–72h client notification window, post-mortems retained 6 years.

    Phase 3
—

Your brand here

Powered by HealthDash

Active subs

1,284

+8.3%

Lots in inventory

37

12 expiring

Auth refills due

146

this week

Recent activity

View all

  • Product · variant A

    Order received

    2m ago

  • Product · variant B

    Refill authorization

    11m ago

  • Product · variant C

    Lot received

    37m ago

§ 05White-label

Your brand on top.
Our backbone underneath.

Run HealthDash as the engine behind your own peptide store, clinic portal, or compounding pharmacy. Your domain, your colors, your logo — our compliance, our infrastructure, our SDK.

  • Custom domain & full theme control
  • Per-tenant data isolation, end-to-end
  • Co-branded customer email & receipts
  • Optional clinician portal for partner doctors

§ 06Talk to us

Bring HealthDash into your launch.

Demos run with one of our solutions engineers — never a bot. We start with your products, regulators, and downstream integrations, then map a 30-day path to launch.

Request a private demoRead the documentation

HealthDash

The operating backbone for peptide labs, supplement brands, and wellness clinics — built on HIPAA-track infrastructure.

A product of CodeCraft Studios

Platform

  • Capabilities
  • White-label
  • Pricing
  • Documentation

Legal

  • Terms of Service
  • Privacy Policy
  • HIPAA Notice
  • Acceptable Use
  • Cookies
  • Refund Policy

Compliance

  • Security
  • Subprocessors
  • BAA Template
  • Access Provisioning

Company

  • About
  • Contact
  • Blog

© 2026 HealthDash. All rights reserved.

PrivacyTermsHIPAABAA