Replace the pixel. Keep the conversion signal. Leave the rest alone.
A compliance proxy between a healthcare website and every marketing or analytics destination. Outbound tracking events leave sanitized. No IP. No fingerprint. No URL. No consumer health data crosses the wire. The only valid destinations are a private Matomo instance and the major Conversion APIs.
Why this exists
Class actions, FTC actions, and state AG actions against healthcare websites running standard analytics and ad-conversion pixels. A multi-year, multi-state settlement docket. Plaintiff firms file under state wiretap statutes, state consumer-health-privacy laws, state comprehensive privacy laws, federal ECPA, and the FTC Act — wherever a visitor's state of residence opens a cause of action. Cyber insurance renewals in 2026 condition coverage on tracking-pixel controls.
Class actions against hospital systems, specialty pharma, telehealth, and digital-health platforms across multiple states. State wiretap, state consumer-health-privacy, federal ECPA. Docket accelerates post-Dobbs and post-AHA v. Becerra.
Architecture
A single sanitization layer. Two outcomes:
You finally see the full journey. Matomo replaces GA4 and Adobe Analytics. Private, first-party, client-owned. Every visit. Every page. Every action. By visitor. Unsampled. Unlimited retention.
Open any visit, see the exact path. Page sequence, time on each, referrer in, exit out. The data Meta and Google were holding back, now on the client's side of the wire.
Your ads keep running. Meta Pixel, Google Ads tag, Bing UET, LinkedIn Insight — replaced by server-side Conversion API calls. Payload: per-event UUID, conversion value, timestamp. That's it.
Nothing matchable crosses the wire. No IP. No fingerprint. No URL. No click ID. No hashed PII. No persistent user signal.
Platforms see a conversion happened. They can't tell who. Identity stitching is impossible at the destination — which is what keeps the flow outside the statutory "sale" definition under state consumer-health-privacy law.
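The outbound payload described above, sketched as an added example (this is not Apex Vault's own code). The raw event field names, the two-decimal value rounding and the second-precision timestamp are assumptions. The payload is built from scratch instead of filtered, so a new upstream field cannot pass through by default.

```python
import math
import uuid
from datetime import datetime, timezone

# The only keys permitted to leave the proxy (the payload the page lists).
ALLOWED_KEYS = frozenset({"event_id", "value", "timestamp"})

# Constructed sample of a raw browser event; every value here is made up.
SAMPLE_RAW = {
    "ip": "203.0.113.7",
    "user_agent": "Mozilla/5.0 (X11; Linux x86_64)",
    "url": "https://clinic.example/services/example-page?gclid=EXAMPLE123",
    "gclid": "EXAMPLE123",
    "email_sha256": "0" * 64,
    "value": 149.0,
    "ts": 1767225600,
}


def sanitize_event(raw: dict) -> dict:
    """Build the outbound conversion payload from a raw event.

    Nothing is copied across except the conversion value and the event time,
    and both are re-parsed into strict types first.
    """
    value = float(raw.get("value", 0))
    if not math.isfinite(value) or value < 0:
        raise ValueError("conversion value must be finite and non-negative")
    ts = datetime.fromtimestamp(float(raw["ts"]), tz=timezone.utc)
    return {
        # Random per event: not derived from any visitor or session input.
        "event_id": str(uuid.uuid4()),
        "value": round(value, 2),
        # Assumption: sub-second detail is dropped before sending.
        "timestamp": ts.replace(microsecond=0).isoformat(),
    }


def leaked_values(raw: dict, outbound: dict) -> list:
    """Return the raw keys whose string values appear in the outbound payload."""
    blob = " ".join(str(v) for v in outbound.values())
    return [k for k, v in raw.items()
            if isinstance(v, str) and len(v) >= 4 and v in blob]


if __name__ == "__main__":
    out = sanitize_event(SAMPLE_RAW)
    print(out, "leaks:", leaked_values(SAMPLE_RAW, out))
```

Running `leaked_values` against every outbound payload in a pre-deployment test is a cheap regression check that no identifier has crept back in.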
[Architecture diagram labels: IP · Fingerprint · URL; Strip Health-Intent URL; Conversion APIs]
Out of scope: CRM, marketing automation, EHR, EMR, and authenticated patient portals operate on separate data paths and are not touched by Apex Vault. The compliance perimeter wraps the marketing and analytics surface only.
Audiences
Apex Vault deploys to three operator profiles, sized from independent practice through enterprise.
1 — 4 location practices
Multi-tenant. Solo and small-group practices. Templated BAA, standard CAPI forwarding, private Matomo.
Independent Practice →
5 — 25 location operators
Single-tenant. Multi-site groups, PE-backed platforms, MSO operators. Custom integrations, negotiated BAA, pre-go-live pen test.
MSO Platform →
26+ locations · pharma · hospital systems
Bespoke. Hospital systems, specialty pharma, multi-brand enterprises. Custom hardening, independent Letter of Attestation.
Enterprise →
Regulatory perimeter
Enterprise providers, MSO operators, and specialty pharma face the same statutory perimeter. HIPAA coverage status differs across the three. Everything else applies uniformly.
Posture
Security posture and attestation details are published on the trust subdomain.