Trust

Security at PracticeLien

Last updated: June 6, 2026

Our approach

PracticeLien handles patient, case, and lien data for personal-injury medical practices. We design every layer of the service - infrastructure, application, data, and process - to protect protected health information (PHI) and minimize the blast radius of any single failure.

Infrastructure

Multi-tenant isolation

Every customer (medical practice) is a distinct tenant. Tenant boundaries are enforced inside the database, not just in application code:

Authentication and access

Encryption

Logging and auditing

Backups and recovery

Software development

Vendor management

We maintain BAAs with every subprocessor that touches PHI. A current list of subprocessors is on the Privacy page.

Compliance posture

Responsible disclosure

If you believe you have found a security vulnerability in PracticeLien, please email info@sevenseasstrategies.com. Please include enough detail to reproduce the issue, and give us a reasonable window to investigate before public disclosure.

Contact

For security questions, BAA requests, or to report a suspected incident:

Seven Seas LLC · info@sevenseasstrategies.com

Customers under a signed BAA should report any suspected security incident affecting PHI through the in-app support flow or directly to info@sevenseasstrategies.com - not through public channels.