Case Study — Healthcare Forms Platform

HIPAA-compliant analytics platform selection, implementation quality audit, and churn-prevention infrastructure built from the ground up.

Stack: PostHog, Mixpanel, Amplitude, Customer.io, Chameleon

  • 33: Decision-ready analytics insights built
  • ~89%: Reduction in low-value event volume post-audit
  • 4: Analytics platforms evaluated before selection
  • 33: Decision-ready dashboards built
  • Ongoing: Engagement — research, analytics, retention

Before.

A HIPAA-compliant healthcare forms platform had grown to serve thousands of medical practices across multiple specialties. Their product handled patient intake — forms, submissions, EHR integrations — for solo practices through to multi-location enterprise accounts. The compliance requirements were non-negotiable: HIPAA BAA, PHI-free analytics, compliant data pipelines.

Before the engagement, the team had evaluated several analytics platforms without a structured framework for making the decision — Amplitude, Mixpanel, and PostHog each had different compliance postures, pricing models, and architectural tradeoffs for a HIPAA use case. Once a platform was selected, the implementation had been done without a formal taxonomy, governance structure, or capture controls. An audit of the live setup caught a developer implementation error: autocapture was firing on high-traffic patient-facing routes — /practice, /submissions, /login — generating thousands of events per day that delivered no analytical value and created avoidable HIPAA compliance exposure. The cost of this single implementation error was material and the trajectory was still climbing.

Alongside the billing crisis, the team lacked a systematic picture of their customers: no validated segmentation, no JTBD framework, no churn prediction model, no automated win-back infrastructure. The product was growing, but growth was not being measured — and customers were leaving without warning.

The Situation
  • No structured framework for evaluating analytics platforms against HIPAA requirements — Amplitude, Mixpanel, and PostHog each required a different compliance approach
  • Developer implementation error: autocapture firing on patient-facing routes, generating high event volume with no analytical value and creating compliance exposure
  • No billing controls or governance on what was being collected — costs escalating with no ceiling in place
  • 33 dashboards built, but event naming inconsistency and schema drift were making them unreliable
  • No churn prediction, no at-risk scoring, no win-back sequence for trial users who did not convert
  • Customer segmentation and JTBD work not yet connected to product decisions or lifecycle messaging

What we did.

A multi-track engagement covering analytics architecture, billing remediation, product research, and lifecycle marketing — run in parallel with the product team's development roadmap.

Track 1 — PostHog Architecture and Implementation
Full PostHog analytics architecture for a HIPAA-compliant product: PHI-free event schema, person identification strategy, endpoint-level capture controls, and event naming conventions. 33 insights built across 2 dashboards covering revenue metrics, churn signals, activation funnels, and feature adoption. Implementation shipped directly to production with the engineering team.
Track 2 — Billing Crisis Response
The implementation audit identified the cost driver: a developer error had left autocapture active on high-traffic patient-facing routes, generating event volume that delivered no analytical value and created HIPAA compliance exposure at the same time. Remediation was deployed with the engineering lead: autocapture scoped correctly, web vitals disabled, identified-event volume controlled. Total event volume dropped approximately 89% week-over-week. The implementation error that was driving cost was also the primary compliance risk, so both were resolved in the same fix.
Track 3 — Product Research
Full JTBD framework for healthcare forms: 85+ jobs-to-be-done validated across 60 sales calls, mapped to 6 user personas (solo admin, physician, multi-location operator, enterprise IT, and others). Kano model covering 40+ features — identifying which are Basic, Performance, Delighter, and which are approaching competitive parity. Product DNA classification across 10 strategic dimensions, including the critical finding that the Essential Plan segment behaves as a PLG product, not a sales-led one.
Track 4 — Competitive Intelligence
14 competitors mapped against the client's feature set. 887+ pages of competitor data analysed. 2 genuine product Delighters identified — features no competitor had at launch. Competitive positioning guides built for the sales team covering the most common competitive scenarios. Win rate analysis by persona and plan type.
Track 5 — Churn Prevention and Win-Back
Post-trial win-back sequence designed for Customer.io: email flow for trial users who did not convert, suppression logic, minimal event/property layer required to trigger and personalise the sequence. Chameleon in-product churn prevention flow designed separately — modal and tour specifications delivered to the engineering team. Both tracks sequenced to avoid implementation conflicts.
Track 6 — Market Sizing and GTM
NPPES-based market analysis mapping 5.4 million active healthcare providers across 16 provider types to 1.7 million unique practice addresses. TAM/SAM/SOM model with source citations on every claim. Market data segmented by practice type, specialty, and geography — usable as a lead-generation source, not just a pitch-deck figure.
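
The endpoint-level capture controls from Track 1 and the autocapture scoping from Track 2 can be enforced as one fail-closed filter that runs on every event before it leaves the browser. The sketch below is an added example, not the client's implementation: the blocked routes are the ones named above, while the event shape, the `$`-prefixed event and property names, and the two-entry schema are assumptions, and the sample events are constructed.

```javascript
// Added example, not the client's code. Blocked routes come from the case
// study; the schema, event shape and property names are assumptions.
const BLOCKED_PREFIXES = ['/practice', '/submissions', '/login'];
const DISABLED_EVENTS = new Set(['$web_vitals']);           // web vitals switched off
const SDK_EVENTS = new Set(['$pageview', '$autocapture']);  // allowed off blocked routes only
const SCHEMA = {                                            // hypothetical PHI-free taxonomy
  template_published: ['plan', 'template_type'],
  integration_connected: ['plan', 'integration'],
};

function isBlockedRoute(pathname) {
  const path = String(pathname).toLowerCase().replace(/\/+$/, '') || '/';
  // Match on whole path segments so /practices is not confused with /practice.
  return BLOCKED_PREFIXES.some((p) => path === p || path.startsWith(p + '/'));
}

// Returns the event to send, or null to drop it.
function gateEvent(event) {
  const props = (event && event.properties) || {};
  const pathname = props.$pathname;
  // Fail closed: without route information the event cannot be shown to be safe.
  if (typeof pathname !== 'string' || isBlockedRoute(pathname)) return null;
  if (DISABLED_EVENTS.has(event.event)) return null;
  const allowed = SDK_EVENTS.has(event.event) ? [] : SCHEMA[event.event];
  if (!allowed) return null;                                // unknown name: schema drift
  const clean = { $pathname: pathname };
  for (const key of allowed) {
    if (key in props) clean[key] = props[key];              // everything else is stripped
  }
  return { event: event.event, properties: clean };
}

function summarize(events) {
  const kept = events.map(gateEvent).filter(Boolean);
  return { kept: kept.length, dropped: events.length - kept.length, events: kept };
}

// Constructed sample events (no real data).
const SAMPLE = [
  { event: '$autocapture', properties: { $pathname: '/submissions/8841', $el_text: 'Jane Doe' } },
  { event: '$pageview', properties: { $pathname: '/login' } },
  { event: '$web_vitals', properties: { $pathname: '/settings' } },
  { event: '$autocapture', properties: { $pathname: '/settings/billing', $el_text: 'Upgrade' } },
  { event: 'template_published', properties: { $pathname: '/templates', plan: 'essential', patient_name: 'x' } },
  { event: 'Template Published', properties: { $pathname: '/templates' } },
  { event: 'integration_connected', properties: { plan: 'essential' } },
];
console.log(summarize(SAMPLE));
```

Dropping unknown event names and unlisted properties by default means a new tracking call has to be added to the schema before it can send anything, which is where a review for PHI can happen.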

Verified results.

  • ~89%: Reduction in low-value event volume after implementation audit — same fix resolved the compliance exposure
  • ~89%: Week-over-week drop in total event volume after remediation (1.16M events/day to 130K)
  • 4: Analytics platforms evaluated (Amplitude, Mixpanel, PostHog, and one incumbent) before platform selection with HIPAA tradeoff analysis
  • 33: Analytics insights built across 2 dashboards — revenue, churn, activation, feature adoption
  • 85+: Jobs-to-be-done validated from 60 sales call transcripts and mapped to product decisions
  • 14: Competitors mapped with win/loss analysis and competitive positioning guidance per scenario

This engagement is ongoing.

This is not a one-off project. The analytics architecture, churn prevention, and product research tracks are running in parallel, sequenced against the product team's release schedule. New work — event verification, in-product churn prevention, Customer.io win-back, and messaging analytics — is delivered as each phase completes. The depth of context built over a long engagement is part of what makes the work fast and accurate.

What you can do now.

HIPAA-compliant analytics that actually works

Analytics on a healthcare product needs a PHI-free event schema, compliant person identification, and governance on what gets collected. The architecture is built. You are not choosing between compliance and visibility — you have both.

Analytics implementation that does not create hidden risk

The implementation audit caught an error that was simultaneously driving cost and creating compliance exposure — both resolved in the same remediation. Governance controls, a billing limit, and correct capture scoping mean a similar error cannot silently compound again.

Customers who lapsed get a real reason to come back

The Customer.io win-back sequence targets trial users who did not convert with an automated, segmented email flow. Suppression logic ensures converted users do not receive it. It is live, it runs without manual intervention, and it is built to expand into V2 without re-architecting the foundation.

Jake McMahon
ProductQuant

10 years building analytics and growth systems for B2B SaaS at $1M–$50M ARR. BSc Behavioural Psychology, MSc Data Science. Healthcare SaaS is uniquely hard because you’re solving compliance and growth at the same time, and they’re not separate problems. The same autocapture that creates HIPAA exposure is often the one generating 89% of your useless event volume. Fix one, fix both.

What this looks like for your company

The Foundation.

A six-week engagement covering all six growth layers simultaneously — analytics, compliance, research, competitive intelligence, churn prevention, and market sizing — with full documentation at the close.

  • PostHog architecture and compliance review: autocapture audit, event taxonomy, HIPAA exposure remediation
  • JTBD validation: jobs from sales calls coded, ranked by frequency, and connected to roadmap
  • Competitive intelligence: 14+ competitors mapped with ongoing monitoring system
  • Churn prevention: win-back sequences and in-product interception flows designed and live
  • Market sizing from primary sources: NPPES, CMS, industry databases
$15,000–$25,000 · 6 weeks
Right for you if
  • Healthcare SaaS managing compliance exposure alongside growth — both need to move simultaneously
  • Multiple concurrent growth problems without a structured framework to prioritise them
  • Need a partner who can run six workstreams in parallel without losing thread on any of them

See how it works for your company.

A 15-minute call is enough to know whether what we do is relevant to where you are.