apptmint

Psychology & Therapy

Practice management built for therapists who take data seriously

Per-therapist data isolation, encrypted session notes, consent management and GDPR compliance from day one.

Start Free Trial Book a Demo

Sound Familiar?

Challenges therapy practices face every week

Data isolation concerns

In a multi-therapist practice, one clinician should never see another's client notes. Most booking tools don't enforce this.

Consent management gaps

Paper consent forms get lost. Digital forms aren't linked to client records. No audit trail of what was signed and when.

Unsecured session notes

Notes stored in generic cloud drives or word processors with no encryption, no access controls, and no retention policies.

Admin eating into clinical hours

Time spent on scheduling, invoicing and chasing payments is time not spent with clients.

GDPR uncertainty

Unsure whether your current setup meets GDPR requirements for processing sensitive personal data.

No centralised client view

Appointment history in one system, notes in another, invoices in a third. No single source of truth per client.

How Apptmint Helps

Purpose-built for therapy practices

Per-Therapist Data Isolation

Each therapist can only access their own clients' records, notes and appointment history. Practice managers can see aggregate reporting without accessing clinical content. This is enforced at the database level, not just the UI.

  • Database-level access isolation
  • Therapist-specific client lists
  • Aggregate reporting for practice managers
  • No cross-therapist data leakage

Consent Forms and Management

Digital consent forms that clients complete before their first session. Linked directly to the client record with a timestamped audit trail. Configurable per service type. Re-consent workflows for policy changes.

  • Digital consent forms
  • Timestamped audit trail
  • Linked to client records
  • Re-consent workflows
  • Configurable per service type

Encrypted Session Notes

Session notes are encrypted at rest using AES-256 and accessible only to the authoring therapist. Notes are structured with configurable templates and linked to the specific appointment. Full-text search within your own notes only.

  • AES-256 encryption at rest
  • Accessible only to authoring therapist
  • Configurable note templates
  • Linked to appointments
  • Searchable within your own records

GDPR Compliance

Designed for processing special category data under UK GDPR. ICO registered, hosted in the UK/EU, with configurable data retention policies and right-to-deletion workflows. Data Processing Agreements available for multi-therapist practices.

  • Special category data handling
  • ICO registered
  • Configurable retention periods
  • Right-to-deletion workflows
  • Data Processing Agreements

Session Scheduling

Smart calendar with recurring appointment support, client self-booking, and automatic reminders. Buffer time between sessions is configurable. Clients see only the availability you choose to share.

  • Recurring session scheduling
  • Configurable buffer time between clients
  • Client self-booking portal
  • Automatic WhatsApp/SMS/email reminders
  • Therapist-controlled availability

Billing and Invoicing

MTD-compliant invoices generated automatically after each session. Stripe payments for card, Apple Pay and Google Pay. Session packs and subscription billing for ongoing therapy. Outstanding balance tracking and payment reminders.

  • Automatic post-session invoicing
  • Stripe payments
  • Session pack billing
  • Outstanding balance tracking
  • MTD-compliant records

FAQ

Common questions from therapy practices

How does data isolation actually work?

Each therapist's data is segregated at the database level using row-level security. A therapist can only query records they created or are explicitly shared with them. This is not a UI-level restriction. It is enforced by the database itself.

Can a practice manager see all client data?

Practice managers see aggregate reporting (revenue, utilisation, appointment counts) but do not have access to clinical notes or session content. This separation is configurable to match your practice's governance model.

Is Apptmint suitable for processing special category data?

Yes. We have designed the platform with the requirements of UK GDPR Article 9 in mind. Encryption, access controls, audit logging and retention policies are all built in. We recommend reviewing our Data Processing Agreement with your data protection officer.

Can clients book their own sessions?

Yes. You control which time slots are available for self-booking. Clients can book, reschedule and cancel within the rules you set. New client enquiries can require a manual approval step before the first session.

How are session notes structured?

You can create custom note templates with fields relevant to your modality (e.g. presenting issues, interventions, homework, risk assessment). Notes are linked to the specific appointment and encrypted at rest.

What happens if a therapist leaves the practice?

Client records created by a departing therapist can be transferred to another practitioner with appropriate consent workflows. Alternatively, records can be archived with configurable retention periods. The process maintains a full audit trail.

Do you offer a Data Processing Agreement?

Yes. A DPA is available for all plans and can be executed electronically. It covers the specific requirements for processing sensitive personal data in a therapy context.

Ready to run your practice with confidence?

Start your 30-day free trial or book a demo tailored to therapy practices.

Start Free Trial Book a Demo

Ready to run your business without the chaos?

Start free today. We'll help you get set up.

Start Free 30 Days Book a Demo