Here’s how we keep your data safe and secure.
Pabau uses DigitalOcean as our cloud infrastructure provider, which implements strong technical controls to protect your data.
Pabau securely processes transactions using Stripe, a leading payment platform with the highest level of PCI compliance.
We don’t store or access credit card details. Stripe encrypts card data, restricts internal access, and ensures secure communication over HTTPS/TLS.
Pabau's cloud-based platform is safeguarded by advanced security measures designed to protect your data at every level. From secure server hosting and two-factor authentication to firewalls and regular security updates, our infrastructure ensures the highest standards of protection and scalability.
Pabau ensures data security by encrypting data at rest using LUKS and AES-256, with encryption managed by our third-party provider, DigitalOcean. To protect data in transit from interception or tampering, we use TLS encryption. These security measures help prevent breaches, safeguard sensitive information, and ensure compliance with industry standards such as PCI and HIPAA.
Pabau performs daily data backups, with files securely stored in multiple locations. We retain backups for six months, ensuring data integrity, facilitating analysis, and allowing for the recovery of patient files in case of accidental alterations or deletions.
Pabau follows industry best practices by implementing proactive monitoring, data encryption, and secure backups. In the event of an incident, we have defined protocols to assess risks, mitigate threats, and restore data efficiently, ensuring minimal disruption and compliance with security standards like HIPAA and PCI.
At Pabau, security is a fundamental priority. Our platform is hosted in highly secure facilities that undergo regular, rigorous assessments. We implement multiple layers of protection, including 24/7 surveillance, access controls, advanced encryption, and continuous monitoring to safeguard your data.
Running a medical spa or healthcare business means processing sensitive patient data every day. That’s why Pabau provides robust security tools to ensure your data remains safe, secure, and accessible only to authorized personnel.
Two-factor authentication (2FA) in Pabau adds an extra layer of security.
Users must enter a 6-digit code, sent to their mobile phone, along with their username and password in order to log in.
With role-based authorization, medical personnel can control access to confidential patient data in Pabau and restrict patient records to themselves only or their medical team.
Enabling our HIPAA compliance support toggle in Pabau adjusts system settings to support compliance. This includes disabling certain features.
Read more about the toggle.
You can ensure password security by setting expiration frequency, enforcing password history, limiting invalid login attempts, and defining lockout duration to enhance account protection.
Our security rating score evaluates your system setup by analyzing the security features you have activated in Pabau. It’s a quick way to help you identify areas for improvement.
Secure the calendar with a passcode to prevent unauthorized access. This is perfect for maintaining privacy when clients are nearby or when stepping away from the front desk.
Every user of the iOS app (for clinic teams) must have a unique PIN code.
This allows you to trace actions within Pabau’s patient journey feature back to specific users and create a clear audit trail.
Securely add forms and photos directly to a patient record via the Pabau Go iOS app and web-based version of Pabau.
This can eliminate the need for scanning, uploading, and transferring between devices.
At Pabau, our fully managed process simplifies data migration, ensuring the safe and accurate transfer of your client details, appointments, financial records, and more.
Our experienced team handles everything so you can confidently transition to Pabau with minimal stress and disruption.
We’ll provide tailored recommendations to enhance security and streamline usage of key features during our account optimization process, which every new customer receives.
Our team will guide you through best practices for protecting your data and ensuring you use the right tools to maintain a secure system.
“Different staff levels get appropriate access to system features. Practitioners can customize their own documentation preferences. Front desk sees everything needed for scheduling and billing. Management gets good overview reports of all operations.”
“Started with basic features when we were smaller and added more as needed. The scalable system grew alongside our practice without issues. Adding new providers and staff members is simple. Multiple user levels keep sensitive data properly restricted.”
“Digital forms have made intake so much faster for new patients. With help from the team, the customization options let us create exactly what we needed for different treatments. Everything gets stored securely and we can access it from any computer…”
“Been using the digital forms feature for about 6 months now and it’s amazing how much paper we’ve saved. No more dealing with messy handwriting or lost documents in the office. The templates are pretty easy to customize for different treatments and patient info…”
“System has been stable during our two years of use with minimal interruptions. Updates happen overnight so they don’t disrupt our workflow. Backup systems have worked well during internet outages. Speed stays consistent even with multiple users logged in.”
Our uptime has been above 99.99% for the past 12 months. In other words, over the past year we have had less than nine hours of downtime out of a total of 8760 hours.
View our system status at any time here: https://pabau.instatus.com/
They’re stored in London, UK.
All data provided will be stored securely in London for UK customers, ensuring full compliance with UK and EEA data protection regulations, including GDPR.
For non-UK customers, we are currently evaluating regional storage options to better align with local data protection requirements.
Yes, we do. The provider is called DigitalOcean.
Like many businesses, we use this company to host our servers virtually so we’re not reliant on physical servers. Hosting everything virtually makes it easier for individuals and businesses to manage their online presence without worrying about the technical details of hardware and infrastructure. DigitalOcean is one of the largest and most stable providers globally.
You can view our privacy policy here: https://pabau.com/privacy-policy/
Yes, we do. View our webpage about GDPR here: https://pabau.com/gdpr/
A software solution alone won’t make your business HIPAA compliant. We support HIPAA compliance with robust tools such as authorized personnel access, audit logs, data encryption, and secure storage. However, you must also implement the appropriate policies and procedures within your organization to ensure you comply with all HIPAA requirements. We also have a HIPAA compliance toggle that enables you to activate HIPAA compliance support in Pabau. Read more here: https://pabau.com/hipaa-compliance/
Your data is yours. It will be back in your hands within 30 days of canceling. We delete it within 90 days.
We use Amazon Web Services to store photos. Read more here: https://aws.amazon.com/