Business Plan

Clario

AI Compliance Monitor for Small Healthcare Practices

6.14

PE Score / 10

🟡 FUND (Conditionally)

Evaluated: March 2026

$500M+

Market Size

Compliance SaaS, healthcare, US

335K

Target Segment

Small practices under 20 staff

75–85%

No Software

Of small practices have no compliance platform

Market Opportunity

TAM

$500M+

Healthcare compliance SaaS, US — growing at 11.6% CAGR

Small Practices

335K

Under 20 staff: dental, chiro, behavioral health, optometry, primary care

Unserved

75–85%

Have no compliance software — manual processes or nothing at all

OCR Enforcement

2× increase

In 2024 — investigations now reach practices of all sizes

Avg Settlement

$491K

Range: $182K–$800K for small-practice HIPAA violations

CAGR

11.6%

Healthcare compliance SaaS market growth through 2028

Why Now

Three forces converging in 2025–2026: (1) OCR doubled enforcement in 2024 and explicitly prioritized small practices for investigation after patient complaints. (2) OSHA issued new healthcare-specific rules in 2024 that most small practices aren't aware of. (3) California AB 489 (effective January 2026) adds state-level AI and data requirements that overlap with HIPAA — creating a third regulatory layer that no existing product covers. The compliance burden just got heavier at the exact moment enforcement is tightening.

Competitive Landscape

Key finding: Compliancy Group (the closest competitor) confirmed NOT building state health department compliance. White space is validated.

Competitor	Price	HIPAA	OSHA	State	Key Weakness
Compliancy Group	$99–199/mo	✓	partial	—	No state health dept; complex UX; $75M PE-backed (validation)
Abyde	~$99/mo	✓	—	—	HIPAA only, bootstrapped, weak dashboard UX
MedTrainer	$250+/mo	✓	partial	—	Targets 50+ staff orgs — too expensive for small practices
DoneDesk	$99/mo	✓	—	dental only	Single specialty, no OSHA, no state health dept
HIPAA Secure Now	$125–175/mo	✓	—	—	HIPAA-only, audit prep focus, no training LMS
Clario	$149–199/mo	✓	✓	✓ multi-state	Only platform covering all 3 regulators for small practices

Moat: The regulatory knowledge graph

No competitor has a licensable state health department rules database. This content must be hand-built and maintained by regulatory domain experts. It is not easily replicated. Compliancy Group is NOT building it (confirmed via product research, March 2026). This is the differentiation — and it gets stronger with each state added.

Financial Model

Unit Economics

ARPU	$199/mo	(validated sweet spot — $299 ceiling, $99 floor)
COGS / customer	~$12/mo	(infra, AI, compliance data)
Gross Margin	~94%	(SaaS-typical)
LTV	$4,776	(24 months at 2% churn)
CAC (association channel)	$600	(critical — paid search alone: $1,200+)
LTV:CAC	7.96:1	(with association channel)
CAC Payback	3 months	(at $199/mo ARPU)
Break-even (users)	~52 customers
Break-even (timeline)	Month 18–19
MRR at break-even	$10.4K/mo

Revenue Projections

Year 1 Revenue	$149K	(conservative, 63 customers by year-end)
Year 2 Revenue	$612K	(308 customers, association channel live)
Year 2 Net Profit	$182K	(30% net margin by Year 2)
Churn assumption	2%/mo	(healthcare is sticky — real data from Compliancy Group)
Trial-to-paid conv.	35%	(above SaaS average — high-urgency buyer)
Seed budget needed	$120–150K	(HIPAA infra + attorney fees + content build)
Peak monthly burn	$18K/mo	(months 3–6 pre-revenue scale)
Infrastructure (MVP)	$3–5K/mo	(HIPAA-grade hosting)
Pre-launch compliance	$55–120K	(one-time, attorney + HIPAA infra)
Annual compliance cost	$40–75K	(ongoing BA obligations, updates)

⚠️ Critical correlated risk

If Compliancy Group pricing pressure simultaneously drives ARPU to $149 AND paid search CAC to $1,200+, LTV:CAC drops to 1.94:1. Association distribution holding CAC at ~$600 is existential — not optional. The go-to-market strategy is built around securing AADOM or AGD partnership before building product.

PE Scorecard

Optimist

Market Opportunity

7 /10

Skeptic

Competitive Position

6 /10

Pragmatist

Feasibility

6 /10

Skeptic

Financial Viability

5 /10

Skeptic

Regulatory Risk

5 /10

Optimist

Differentiation

7 /10

Pragmatist

Overall

6 /10

6.14

Overall Score

🟡 FUND — Conditionally

Top 3 Reasons to Fund

✓ Market is genuinely strong — 335K+ small practices, $500M+ TAM, hard OCR enforcement data, 11.6% CAGR. Timing convergence is excellent.
✓ Compliancy Group (the main risk) confirmed NOT building state health dept compliance. White space validated. The regulatory knowledge graph moat gets stronger with each state added.
✓ Healthcare churn reality: actual 2–3% vs. modeled 5%. If confirmed, LTV nearly doubles. LTV:CAC is strong (7.96:1) with the association channel.

Top 3 Risks

⚠ Compliancy Group ($75M PE-backed) could build state compliance if they see traction here. First-mover speed and association lock-in is the defense.
⚠ Seed budget reality: $120–150K minimum (2–3× easy estimate). HIPAA infrastructure + regulatory attorney fees make this a well-capitalized entry, not bootstrappable.
⚠ Association distribution is existential, not optional. If AADOM/AGD distribution doesn't close pre-launch, the whole financial model needs rebuilding.

Go-to-Market Strategy

Phase 1 — Dental beachhead

Highest OSHA burden, standardized workflows, strong association distribution (AADOM 7K+ dental office managers, AGD 35K+ dentists).

CAC: ~$600 via association

Phase 2 — Expand specialty

Chiropractic (ACA), behavioral health (NASW), optometry (AOA) — each association adds a new distribution channel with existing trust.

Target: 5 specialties in 18 months

Phase 3 — Paid search overlay

Add Google Ads for "HIPAA compliance software" only after association channel validates the product. CAC via paid: $1,200–$1,500 — viable only with confirmed LTV.

CAC: ~$1,200 paid search

5 Required Conditions Before Funding

Secure AADOM or AGD association partnership BEFORE building product

Price at $199/mo ARPU — not $299 (validated ceiling)

Raise $120–150K total capitalization (not $85K)

Build state content for top 5 dental states within 6 months of launch (CA, TX, FL, NY, AZ)

Monitor Abyde Compliance Task Force quarterly for roadmap signals

Technical Feasibility

MVP buildable in 90–120 days

Federal scope only (HIPAA + OSHA). Critical path is regulatory domain expert hiring, not engineering. Tech stack: standard SaaS (React, Node, Postgres, HIPAA-grade cloud).

AI: attorney-vetted template + variable fill

Not generative AI for legal documents. Structured templates with practice-profile variables. LLM used for plain-English explanation and fix recommendations only — lower regulatory risk.

No EHR integration needed for MVP

Compliance monitoring doesn't require reading patient data. Staff training, BAA tracking, and policy docs are all practice-admin functions. This is a HIPAA Business Associate but PHI access is not required for v1.

Regulatory/Legal

🟡 Medium risk — manageable

HIPAA Business Associate status near-certain. Pre-launch compliance costs: $55–120K one-time. Annual: $40–75K. The compliance moat is real — harder OCR enforcement = stronger value prop.

FTC Operation AI Comply risk

FTC is scrutinizing AI compliance marketing claims. Clario's positioning: "we identify what the regulation requires" — not "we guarantee compliance." Copy must be conservative on outcome claims.

CA AB 489 (effective Jan 2026)

Affects UI design and AI disclosure requirements for California users. Addressed in product roadmap — not a blocking issue.

Interested in Clario? Let's talk.

We're building the regulatory knowledge graph. We need the right partner before the first line of code.

Get in Touch

See the full investor view at clario.nltlabs.ai/inside