How to Use Google Workspace for EHR: The Complete Therapist’s Guide

I still remember the day I realized my paper files and Post-it reminders just weren’t cutting it anymore. If you’re a private practice therapist, you’ve probably been there too—digging through a filing cabinet for the right note, stressing about HIPAA compliance, and feeling like you’re one step behind on organization. Add the cost of most EHR systems into the mix, and it’s no wonder so many therapists put off going digital.

After years in private practice, I knew it was time to find a better way to manage my notes, intakes, and schedules. The idea of switching to an electronic system felt big—but what I learned is that it doesn’t have to be complicated or expensive.

I discovered Google Workspace through a colleague. She mentioned that she was going to be switching to a new email address and no longer using her “@gmail” address. She mentioned that she would now be using “GSuite” (as Workspace was formerly called). At first I thought she was crazy – who wants to go through the hassle of changing an email address? What’s wrong with gmail? That’s the kind of email I was using as well. Then I realized why she was doing it – HIPAA. Yikes.

No, it actually wasn’t hard at all to make the switch. I have now completely embraced the Google Workspace ecosystem and have been on board for years. I am so happy with it that I have decided to help other therapists just like you unlock the full potential of Google Workspace to build an affordable, secure and streamlined electronic health record (EHR) system—no costly software or steep learning curve required. Just your practice, your way, with Google Workspace.

In this post, I’ll show you:

Why Google Workspace can work for HIPAA compliance
How to pick and configure the right plan
Step‑by‑step setup: from signing your BAA to locking down security
Real‑world workflows using Forms, Templates, Calendar, Meet, Sheets, and Drive
Integrating HIPAA‑compliant payment solutions (think Square)
Extra tips and tricks I’ve picked up after 20 + years of practice

Off we go!

HIPAA Compliance: It Starts with a BAA

The good news: Every paid Google Workspace plan lets you sign a Business Associate Agreement (BAA) with Google—a must for handling any protected health information (PHI). In other words, no matter which tier you choose, you can be set up for HIPAA security.

Quick note: When I first switched my practice from paper charts to Google Workspace, signing the BAA literally took me a couple of minutes in the Admin console. It’s a relief to know that you took this first and very important step to safeguard client information.

BUT… (there’s always a but 😏) you should also be aware that HIPAA compliance is more than just checking a box. It’s a behavior and what you do with the client information you maintain is important. More about that later.

Why the BAA matters

It formalizes Google’s commitment to HIPAA standards.
It gives you the legal cover to store PHI in Gmail, Drive, Forms, and more.
It’s free—no additional fees beyond your monthly subscription.

How to Sign the BAA

Sign with just a few clicks:

Log into your Google Admin console (admin.google.com).
Go to Account → Account settings → Legal & compliance.
Find and accept the HIPAA Business Associate Amendment.

That’s it—Google now agrees to HIPAA standards for your organization. If you ever want to check to verify this, just go to the Legal & compliance section and you will see there that you have “Accepted Terms of Service.”

Which Google Workspace Plan Should I Choose?

Features vs. Budget

All paid plans (Business Starter, Standard, Plus, and Enterprise) can be HIPAA‑enabled. But higher tiers give you more “security bells and whistles” right out of the box. Here are the plans and costs, including the discount you receive if you pay annually vs monthly:

Plan	Monthly Cost (per user)	Key Features for Therapists
Business Starter	$8.40 monthly, $7 if paid annually	Basic Gmail, Drive, Docs; 30 GB storage; 2FA; BAA available
Business Standard	$16.80 monthly, $14 if paid annually	2 TB storage; Meet recordings; Vault for retention
Business Plus	$26.40 monthly, $22 if paid annually	5 TB storage; advanced endpoint management; DLP
Enterprise	Custom	Unlimited storage; advanced security center with more robust DLP

Starter can work if you’re a solo therapist with simple needs—just be prepared to handle some security tasks (like manual audits) yourself.
Standard just might be the sweet spot: plenty of storage for client files, easy meeting recordings (great for supervision), and built‑in Vault.
Plus/Enterprise stands out as a contender when you have a team or need advanced DLP (data‑loss prevention) and device management.

Locking Down Security

HIPAA compliance isn’t just a signature; it’s an ongoing practice. Here’s how I secure my Workspace:

Two‑Factor Authentication (2FA)
Enforce 2FA for all users. A lost password shouldn’t equal a lost PHI file.
Access Controls
Assign permissions for therapists, assistants and admins. Only therapists should see clinical notes folders.
Google Vault (Standard & above)
Configure retention rules—e.g., keep all clinical emails for the required number of years as per your state regulations.
Audit Logs & Alerts
In the Security Center, enable alerts so that you are made aware of any changes to your account or of any suspicious activity.

Passwords

Passwords must be at least 12 characters in length, changed every 180 days and must include:

At least one uppercase letter
At least one lowercase letter
At least one number
At least one special character (e.g., !, @, #, $)

Passwords must not include:

Common dictionary words
Usernames, personal names, or company names
Sequential characters (e.g., “1234”, “abcd”)

Pro tip: Schedule a quarterly “security review” on your calendar to check audit logs and update user access.

Google Forms: Your Digital Front Desk

My intake and onboarding process starts with Google Forms.

Design a HIPAA‑Friendly Intake Form

Collect necessary data: name, date of birth, relevant medical history, etc.
Include a digital signature question for consent.

2. Embed or Send Links

Add the form link to a “Start Here” page on your site. If you’d like, you can use a Google Site to set up a patient portal.
Or, send it directly via a secure Gmail template.

3. Secure Response Handling

Clients don’t need to email anything back to you. All responses are automatically saved to the form in the response tab at the top of the form. You can also easily link the responses to a Google Sheet to store them there as well.
In addition, if you want to automate creation of a pdf of the response when the form is submitted, you can use my Auto PDF Generator. All responses will be routed to a secure, private Drive folder. You can find this add-on 👉here. This is a great option if you need an individual copy of each client’s form submission for their file.

If you want to learn more about using Google Forms to streamline client onboarding, read my post here. And if you want to get ready-to-use Google Form Templates for your practice, click here.

Gmail Templates: Cut Reply Time in Half

Stop rewriting the same email a hundred times! Here’s my workflow:

Create Templates for:

New‑Client Welcome
Appointment Reminder
No‑Show/Reschedule Request
Homework or Resource Follow‑Up

When I schedule a first session with a new client, I open Gmail and pull up the template I’ve created for that situation. The email already includes a friendly welcome message and links to the Google Intake Forms. All I have to do is add the client’s name and any extra details — then hit send. Done.

Secure Sharing:

Never include PHI in the template body—just write a general welcome email and include a secure Google Forms link.

Here’s a sample welcome email:

Hi [First Name],

Thanks for choosing [Your Practice Name]. Please complete your intake forms here: [LINKS]. I’ll review it before our first session on [Appointment Date]. Let me know if you have any questions. Looking forward to meeting you!

[Attach your forms here]

Scheduling Your Sessions: In-Person or Virtual

Google Calendar

Color‑code client sessions, admin tasks, and personal time.
Set up a booking calendar if you want clients to self‑book within available windows.
Set up notifications to be reminded of upcoming sessions.

Looking for a full tutorial on using Google Calendar for scheduling in your practice? Read my blog post about it here.

Google Meet

Hold your teletherapy sessions using Google Meet. No need to pay extra for Zoom or anything else! (Btw if you’re thinking of ditching Zoom, check out my post here on using Google Meet for teletherapy)
Create a recurring Meet link for each client—you don’t have to generate new links every time.
Waiting Room feature: admit only your client by name.
Recording (included with the Business Standard plan and above): If you would like, you can record your video sessions. A written transcript can also be created. Enable this feature only with explicit consent. Store the recording in a client‑specific Drive folder.

Real case scenario: One of my adult stuttering clients loves watching parts of our session (with consent) to practice and track progress. I record sessions, save them in Drive, and share a private link.

Google Sheets: More Than Spreadsheets

I’ve built several therapist‑friendly Sheets in Workspace Therapist, including:

Session Notes Tracker

Columns: Date, Client Name, Goals Addressed, Strategies Used, Outcomes, Plan.
Easy dropdowns for service codes and session types.
Check out the Session Notes Template Bundle which includes a Google Sheet, Doc and Form Session Note template. Each one is easily customizable to fit your needs. Grab it 👉here.

Income & Expense Tracker

24 drop‑down expense categories most frequently used by therapists, including continuing education, clinical & therapy supplies, dues and memberships, etc.
Running totals of income and expenses, pivot tables, and an auto‑updating bar chart dashboard. If you want to grab this tracker, click 👉 here. I know I’m biased, but I use it for my own practice and I love it! My accountant appreciates it as well!

Google Drive: Your Digital Filing Cabinet

A well‑organized Drive is the backbone of your EHR. Set up a filing system with folders and subfolders, and use color coding to make it easy to find what you’re looking for:

Top‑Level Folders: Organize folders using categories such as “Clients, Accounting, Professional, Therapy materials,” etc. . Assign colors to your folders for even better visual organization.
Subfolders:
- Each client should have their own folder.
- Create more subfolders within the client folder for session notes, evals, intake forms, invoices, etc.

Every document in your Drive should live inside a folder — no exceptions. If you have ‘loose’ documents floating around, take a few minutes to create folders by category or move them into the ones you already have. You’ll thank yourself later when you open My Drive and see a clean, color-coded structure where everything is right where you expect it.

3. Permissions:

- In the share settings of any document, you decide who has access. In addition you decide on the type of access they have, such as viewer, commenter or editor. Maintain strict rules for access permissions, typically allowing only therapists to access client documents as an editor.
- You can share documents with clients by using Google Forms or by sharing private links to other documents when needed. For example, I share my client intakes with my clients via Google Forms and share progress notes or other similar documents in Google Docs.

4. Version History:

- Use Drive’s built‑in versioning to restore accidentally overwritten notes.
- You’ll have a record of any changes made to your documents by viewing the version history.

Pro tip: Turn on offline syncing on your laptop so you can access notes during home visits without internet access.

How to Use Square With Google Workspace for Payments and Scheduling

Handling billing securely is the final piece of the puzzle. Square offers a HIPAA‑compliant, BAA‑backed payment processor that pairs nicely with Google Workspace. You can do a lot with their free plan:

Invoicing: Create and send invoices from Square.
Customer Directory: You can create a customer directory within Square to keep track of appointments and payments easily for each client. Create an appointment calendar as well and Square will send out reminders to your clients via email and text.
Payment Links: Square sends an email to the client and the client can pay online.
Reporting: Export CSV reports from Square into Google Sheets for easy reconciliation. You can create a variety of customized reports within Square.

Why I love it: Square’s easy integrations mean my clients can pay online in seconds. With the free reminder emails and texts, no-shows are a thing of the past for me.

If you’re interested in using Square for payments and want to learn more about it, check out my post 👉 here.

Google Workspace Tips for Therapists

Apps Script Automations
- I have helped therapists set up automations that send out customized session reminders using Google Calendar and also generate streamlined session notes using Google Forms. I’ve also gotten great feedback from therapists who are using my Auto PDF Generator to automatically generate PDFs from Google Intake Forms when a client submits.
Google Sites Patient Portal
- With Google Sites, which is included with your Google Workspace account, you can create password‑protected pages for general resources (home exercises, handouts, etc).
- Create individual client pages on the site using page‑level access permissions for personalized homework.
Ongoing Support Membership

If you decide to use Google Workspace but want to get some support when you get started, my $19/month membership gives you direct email access to me for questions and troubleshooting. You can try it for a month or two if you need a little handholding when first starting out with Workspace. Cancel when you feel you are ready to handle things on your own. It’s a no obligation, cancel anytime subscription. Just notify me before your renewal date and you won’t be charged again. Easy.

Simplify EHR With Google Workspace

Going digital doesn’t have to mean complexity or high costs. With Google Workspace, you can:

Maintain HIPAA compliance with a signed BAA and the right security settings.
Automate intake, scheduling, billing, and reporting.
Store and organize your EHR in a system you already use every day.

Google Workspace checks all the boxes for a budget-conscious private practice therapist. My mission is to take the mystery out of this process so you can build a practice management system that’s simple, organized, and truly affordable.

Want some help getting started? Check out my setup services here.