Question 1

Why does PANDAS Tracker build new features slowly compared to other health apps?

Accepted Answer

PANDAS Tracker handles some of the most sensitive data a family can share — behavioral health records, psychiatric evaluations, and infection histories for children. Every feature that touches that data must be architected with privacy, encryption, and access control in place before release. Moving fast with features means moving fast with risk to families. SPM Health Tech chooses deliberate, slower feature development over shipping quickly and fixing privacy problems later.

Question 2

Is PANDAS Tracker HIPAA compliant?

Accepted Answer

PANDAS Tracker follows HIPAA-aligned security practices including AES-256 encryption at rest, TLS 1.3 in transit, role-based access controls enforced by Firebase Security Rules, audit logging of data access, and a Business Associate Agreement (BAA) with Google Cloud (Firebase).

Question 3

How does PANDAS Tracker decide which AI features are safe to implement?

Accepted Answer

Before any AI feature is built, SPM Health Tech answers three questions: (1) Where does the health data go when AI processes it? (2) Who can access it during and after processing? (3) For how long is it retained by the AI provider? If any answer introduces unacceptable risk to family privacy, the feature is not built.

Question 4

What does data minimization mean in PANDAS Tracker?

Accepted Answer

Data minimization means PANDAS Tracker only collects the data it actually needs to provide its service — nothing more. The app does not collect device identifiers beyond what is needed for authentication, does not track browsing behavior, does not use advertising SDKs, and does not log location data unless a caregiver explicitly records it.

Question 5

Who built PANDAS Tracker and what is their security background?

Accepted Answer

PANDAS Tracker was built by Kenneth Vignali, a PANDAS parent who is also a cybersecurity professional with a Master of Science in Cybersecurity and a Juris Master in National Security, Cybersecurity, and Privacy Law. Kenneth founded his own cybersecurity advisory firm before building this app.

Question 6

Can PANDAS Tracker employees see my child's health records?

Accepted Answer

No. Firebase Security Rules enforce that only authenticated members of your family plan can read or write your child's health records. SPM Health Tech employees cannot access your family's records through the Firebase console without an explicit, documented support request from the account holder. All administrative access is logged and auditable.

Why We Build Certain Features Slowly — And Why That's a Good Thing

The data safety question we ask before every AI feature

What HIPAA compliance actually means

Who built PANDAS Tracker

Frequently Asked Questions