The following is a guest article by Elliott Sprecher, VP of Marketing at Knack
A New Jersey Healthcare Communications Firm Needed a HIPAA-Compliant Patient Portal — Built Fast and Without a Developer; Their Solution Points to a Broader Shift in How Healthcare Organizations are Building the Tools They Actually Need
When Joe Luzi set out to build a patient portal for his healthcare communications firm, Social Health Research, he ran into a wall that will sound familiar to anyone who has tried to build custom software in a regulated environment.
He needed a secure, HIPAA-compliant system where patients could share sensitive health stories — through video, free text, or guided questionnaires — with granular controls over who could access what. He knew what he wanted. He just couldn’t find a way to build it without either waiting months for a development firm to come up to speed on compliance requirements or absorbing the ongoing cost and complexity of maintaining custom-built infrastructure himself.
“When I was building my software, the HIPAA-compliant piece was going to be an issue — meaning a very difficult process,” said Luzi, who founded SHR after more than 30 years in the pharmaceutical industry. “It takes a lot of developing, a lot of coding, and I didn’t think my team was up for that.”
His eventual solution — a fully functional portal built in days on a no-code platform — reflects a growing tension in healthcare IT, and a growing appetite for a different kind of answer.
The Gap Between What Healthcare Teams Need and What Exists
Healthcare organizations today are under pressure to move fast. New programs, new reporting requirements, new patient engagement initiatives — layered on top of strict requirements around privacy, security, and data handling. For small and mid-sized teams, that pressure often surfaces in a specific, frustrating way: the tools available are either too rigid or too risky.
Traditional EHR systems offer compliance but little flexibility. Teams end up building workarounds — spreadsheets, generic forms, disconnected databases — that can’t scale and were never designed to handle protected health information. On the other end of the spectrum, lightweight no-code and AI-powered tools have made it easier to prototype workflows, but most stop short when PHI enters the picture. There’s no BAA, no audit trail, no path from proof of concept to production.
This gap has created an opening, and it has also created a new kind of problem-solver.
The Rise of the Operational Builder
One of the more consequential shifts in healthcare IT over the past several years hasn’t come from the C-suite or the IT department — it’s come from the people running programs on the ground. Administrators, department managers, care coordinators, and research leads are increasingly expected to design and maintain the digital workflows their teams depend on. They’re closest to the operational problems. They understand the nuances of their workflows better than any outside vendor. And they’re often working without a development team to call on.
This “operational builder” dynamic is accelerating as organizations look for greater agility and push non-technical staff to take more ownership of their digital environments. But in healthcare, that agility can only go so far without a compliance-ready foundation underneath it. Flexibility without security isn’t a solution — it’s a liability.
The result is a growing demand for tools that meet operational builders where they are: giving them genuine configuration power without requiring them to become developers or compliance experts.
Knack Health Targets That Exact Gap
On March 3, Knack — a no-code platform used by thousands of organizations worldwide — officially launched Knack Health, a dedicated healthcare product built to address this challenge directly.
Knack Health is designed for clinics, healthcare nonprofits, research organizations, and other small to mid-sized teams that need custom applications and workflows but can’t build or maintain them with a traditional development approach. The platform provides a HIPAA-compliant no-code database for storing and managing PHI, custom forms, dashboards, and portals with granular role-based permissions, the ability to create custom record change logs, scheduling and appointment booking tools, and more than 500 native integrations with other systems — including healthcare-adjacent platforms.
Critically, HIPAA-compliant plans include signed Business Associate Agreements, making it possible for covered entities to move from configuration to production without needing to stand up separate compliance infrastructure.
“Healthcare organizations are under pressure to move faster, but most tools force a tradeoff between flexibility and compliance,” said Derek Hutson, CEO at Knack. “Knack Health removes that tradeoff. We built a dedicated healthcare platform that gives teams control over their workflows while providing the security, auditability, and HIPAA compliance they need to operate responsibly.”
A Real-World Test Case
Back in Chatham, New Jersey, Joe Luzi’s experience with the platform offers a ground-level view of what that promise looks like in practice.
Social Health Research helps pharmaceutical, biotech, and medical device companies understand the real-world patient experience — the treatment journeys, the barriers to care, the human details that don’t show up in clinical data. Those patient stories are invaluable to the companies SHR works with. They’re also deeply sensitive, and collecting them in a way that’s both authentic and compliant had always been technically demanding.
Before finding a no-code solution, Luzi explored working with traditional software development firms. The ones who understood HIPAA compliance well enough wanted to build everything from scratch — slow, expensive, and ultimately outside Luzi’s control. “Other software companies that I spoke with had a much bigger learning curve, especially on the HIPAA compliance side,” he said. “And I wasn’t willing to wait for somebody to learn while I’m paying them.”
What he needed wasn’t just a compliant platform — it was a compliant platform he could actually build on. Working with Knack, his team had the portal up and running in days. Patients can log in and choose how to share their story — through free text, video upload, or guided questionnaires. Consent levels are managed through simple checkboxes and forms. Patients can return and update their stories over time. The system integrates with SHR’s email server for ongoing patient communications.
“The two things that were really a game changer for me with the Knack software platform were that they were keeping up with the HIPAA rules and regulations,” Luzi said. He noted a significant regulatory update in the prior year that the platform handled without requiring any action on his end — exactly the kind of maintenance overhead that had made building custom software unattractive.
The system also had to work for patients, many of whom are managing serious illnesses. “Patients are only going to share their story when they know the information is secure and they know how that information is being used,” Luzi explained. The portal’s simplicity was as important as its compliance.
A Signal for the Broader Market
The Knack Health launch reflects a broader bet that the healthcare IT market is ready for a different category of tool — one that sits between rigid enterprise systems and compliance-naive no-code apps.
The platform supports both U.S. organizations navigating HIPAA and international healthcare teams that need strong data protection without HIPAA-specific requirements. Templates for common healthcare workflows are included to accelerate deployment, and the platform is designed to evolve alongside regulations rather than requiring customers to rebuild when requirements change.
For Luzi, that scalability matters as much as the initial build. “As the rules change or you learn more from patients on how to approach them, this can easily scale up or change or modify,” he said. He’s already thinking beyond SHR’s current pharmaceutical clients — the same portal infrastructure could serve advocacy organizations, healthcare providers, and other groups looking to amplify the patient voice.
The case for platforms like Knack Health ultimately isn’t just about technology. It’s about who gets to build. As healthcare organizations continue to push operational responsibility closer to the teams doing the work, the tools available to those teams will increasingly determine what’s possible. When the right infrastructure is in place, a healthcare communications firm founder with no development background can build a HIPAA-compliant patient engagement platform — in days, not months.
That’s the shift Knack Health is designed to support.
Knack Health is available now. More information is available at knack.com/health.
Elliott Sprecher is the VP of Marketing at Knack, a no-code app builder that helps organizations create secure, custom web applications without requiring developers.
About Knack Health
Build HIPAA-compliant healthcare apps without code. Knack Health enables secure patient portals, intake systems, and custom workflows on encrypted infrastructure—with BAA included. Replace rigid point solutions with applications built around your organization’s needs.
Knack is a proud sponsor of Healthcare Scene.
No comments:
Post a Comment