Migration Guide
Switch existing profiles from standard to HIPAA mode safely
Migrating to Healthcare Mode
This guide covers switching an existing profile from standard mode to HIPAA mode, including what changes, what doesn't, and how to roll back if needed.
Pre-migration checklist
Before switching:
- List all active signal rules and their event types
- Identify which rules send non-revenue events (appointment_booked, closed_won, etc.)
- Inform the customer that some exports will be blocked after migration
- Confirm the customer's legal team is aware of the DPA/BAA
- Record current export volume in Conversion Sync > Deliveries for comparison
Migration steps
Audit current state
Note the current setup:
- Privacy mode (should be
standard) - Active signal rules and their source event types
- Recent export volume and patterns in the Conversion Sync feed
- Which destinations are active (Meta, Google)
Accept the DPA/BAA
Navigate to Conversion Sync > Privacy & Compliance and switch privacy mode to HIPAA. The DPA/BAA acceptance modal appears. Scroll through and accept.
This sets: BAA Approved, HIPAA Eligible, Signed, all acknowledgements checked.
Configure the allowlist
The privacy panel now shows allowlist checkboxes instead of blocklist fields.
Review each conversion definition carefully:
| Event Type | Recommendation |
|---|---|
| Payment Received | Safe — revenue data, no PHI |
| Lead Created | Generally safe — PII is hashed before export |
| Appointment Booked | Review carefully — may reveal health conditions |
| Closed Won | Review carefully — deal names may contain health context |
| Checkout Started | Depends on what is being purchased |
| Order Placed | Depends on product names |
Only check event types you are confident do not leak PHI.
Verify exports
Wait for new events to flow through, then check Conversion Sync > Deliveries:
- Allowed event types:
status: sent - Blocked event types:
status: skipped, reason:healthcare_allowlist_blocked - All sent events should show privacy filters in
filters_applied
Communicate to the customer
Inform them:
- Which event types are now exported vs. blocked
- Internal attribution and reporting are unaffected
- The dashboard now shows a green "HIPAA Active" badge
- Pipeline stage transitions are no longer exported
Impact on existing data
| What | Impact |
|---|---|
| Historical events in events_enriched | No change — already stored |
| Historical conversion_exports | No change — already sent/skipped |
| Active signal rules | Still active, but gated by the allowlist |
| Pipeline stage transition rules | Blocked from exporting (rules still saved) |
| Attribution data | No change — internal attribution is unaffected |
| Dashboard metrics | No change — reads from views/sessions, not exports |
Rollback
If you need to switch back:
- Go to Conversion Sync > Privacy & Compliance
- Switch privacy mode from HIPAA to Standard
- Blocklist fields reappear, allowlist checkboxes disappear
- The legal gate is no longer enforced
- All event types become exportable again
Rolling back removes all HIPAA protections
Only switch back if the profile no longer handles healthcare data. The DPA/BAA acceptance record is preserved in the legal compliance table for audit purposes.
Bulk migration for agencies
- Enable Healthcare Agency Mode in Workspace Settings > Compliance
- This does not auto-switch existing profiles — each must be migrated individually
- Use the compliance overview table to track progress
- New profiles created after enabling agency mode default to HIPAA