PHIGuard vs Fellow: Meeting Notes Apps and HIPAA Don't Mix Without a BAA

Fellow is a meeting management and note-taking app without a HIPAA BAA. Clinics that use Fellow for care coordination meetings or compliance discussions may expose PHI on a non-covered platform.

Short answer

Fellow is a meeting notes and team management app designed to improve 1:1s and team check-ins. It does not offer a HIPAA Business Associate Agreement. Clinics using Fellow for any meeting that involves PHI — care coordination, incident reviews, or compliance discussions — are creating compliance exposure.

Why switch to PHIGuard

PHIGuard wins for small clinics needing HIPAA operations, not another generic workspace.

PHIGuard is the stronger fit when a clinic needs BAA coverage at every plan, audit history, per-clinic pricing, and compliance task, incident, vendor, and policy workflows in one operating system.

For alternative pages, the argument is sharper: keep generic tools where they fit, but move patient-adjacent compliance operations into PHIGuard when BAA coverage, audit history, and clinic workflows matter.

Proof point BAA every plan Contractual coverage is part of the standard product path instead of being held behind an enterprise-only conversation.
Proof point Audit history for clinic work Tasks, incidents, evidence, and program actions preserve a clearer operating record than ad hoc boards or documents.
Proof point Per-clinic pricing Plans are priced around the clinic, so adding admins, providers, and coordinators does not create per-seat cost pressure.
Proof point HIPAA operations workflows Compliance tasks, incidents, vendors, policies, training, risk, and evidence live in a system shaped around covered-entity work.

This does not mean PHIGuard is the best fit for every buyer. Enterprise teams with broad GRC, deep custom development, or non-clinic collaboration needs should compare those requirements directly.

Fellow is a meeting productivity tool. Teams use it to manage agendas, capture notes, and track action items from recurring meetings. For a distributed software company or a consulting firm, it is a reasonable choice. For a medical clinic, the relevant question is whether it can legally hold the information that comes out of clinic meetings.

It cannot, without a Business Associate Agreement that Fellow does not offer.

When Meeting Notes Become PHI

Clinic meetings are different from software standups. A daily huddle that reviews the patient schedule for the day contains PHI. A quality review meeting that discusses a specific adverse event is a PHI context. A compliance meeting that reviews an incident involving a named patient generates PHI in its notes and action items.

Under 45 CFR § 160.103, PHI is any individually identifiable health information that a covered entity creates, receives, maintains, or transmits. That definition applies to meeting notes. The fact that the information was captured in a meeting tool rather than an EHR does not change the classification.

What Fellow Is Good At

Fellow is well-designed for general meeting management. Its 1:1 templates, team check-in flows, and manager coaching features are useful in corporate environments. None of that is relevant to a clinic that needs to track corrective actions from a HIPAA risk assessment or document who attended mandatory training.

How PHIGuard Handles Compliance Task Work

PHIGuard is not a meeting notes app. It handles the structured task layer that comes out of compliance activities:

  • Assigning and tracking corrective actions from risk assessments
  • Documenting staff training completion with timestamps and role context
  • Managing incident response task chains with an immutable audit trail
  • Routing policy acknowledgments with evidence of completion

These are the outputs of compliance meetings — the action items and documentation requirements. PHIGuard manages them with PHI-aware data handling and a signed BAA.

Comparison

FellowPHIGuard
BAA availableNot publishedIncluded at every tier
Pricing modelPer user/monthPer clinic/month
HIPAA audit trailNoYes, immutable
PHI-aware data handlingNoYes
Compliance task templatesNoYes

PHIGuard’s Essentials plan is $99 per clinic per month. The Clinic plan is $249. The Group plan is $499.

The Practical Recommendation

If your clinic uses Fellow primarily for internal team meetings that involve no patient information, the BAA gap may not be your immediate concern. But if any of your meetings touch care coordination, patient incidents, or individual compliance histories, the tool you use to capture and track those meetings needs a BAA.

For that work, PHIGuard handles the task and documentation layer with full compliance coverage.

Review PHIGuard’s BAA and HIPAA compliance structure. For context on how incidental disclosures of PHI in meeting tools can create liability, see our incidental disclosure guide. For a comparison with a broader collaboration platform, see our analysis of Slack as a healthcare alternative.

Verified by PHIGuard

Written by: Angel Campa

Reviewed by: PHIGuard Compliance Research

Updated: April 23, 2026

Vendor posture reviewed: April 23, 2026

Sources

Free clinic resource

Vendor BAA Tracker

Track which vendors have a signed BAA, which still need review, and where contract follow-up is stalled.

We will send the resource to your inbox.

Browse all resources

FAQ

Questions clinics ask before leaving Fellow

Does Fellow offer a HIPAA BAA?

Fellow does not publish a HIPAA Business Associate Agreement. Clinics using Fellow to manage meetings that involve patient-related discussions or compliance tracking are doing so without the required vendor protections.

Can meeting notes constitute PHI?

Yes. If a meeting note references an identifiable patient — their name, a clinical situation, a specific incident — those notes qualify as PHI under 45 CFR § 160.103. The format (meeting notes vs. a patient record) does not change the HIPAA classification.

What does PHIGuard offer for meeting-related compliance tasks?

PHIGuard handles the task and action-item layer of compliance meetings — assigning follow-up tasks from a risk assessment review, tracking who completed a corrective action, documenting policy change acknowledgments. It is not a meeting notes app, but it manages the structured work that comes out of compliance meetings.

Operational assurance

Ready to put compliance on a proper foundation?

PHIGuard gives your clinic an audit trail, a signed BAA, and a task management system built for covered entities rather than adapted from generic software collaboration tools.

BAA included Legal baseline available on every plan.
Audit history Compliance actions stay reviewable later.
No card upfront Start evaluation before billing setup.
Start free trial

No credit card required. Add billing details later if you want service to continue after the trial.