How to Build an App Like BetterHelp: Teletherapy Platform Architecture, HIPAA Requirements, and Real Costs
- Ashit VoraBuild & ShipLast updated on
Summary
To build an app like BetterHelp, you need a therapist credentialing and onboarding workflow, a client intake questionnaire and matching engine, a HIPAA-compliant async messaging workspace, video session scheduling and calling, and subscription billing. An MVP takes 16-22 weeks and costs $100K-$200K. HIPAA compliance is not optional and must be designed into the data architecture from day one. Therapist supply is the hardest business problem -- you need licensed therapists credentialed and ready before a single client signs up.
Key Takeaways
HIPAA applies from the first line of code. Every service that touches client data -- cloud hosting, messaging, video, email -- needs a signed Business Associate Agreement (BAA). This is a legal requirement, not a best practice.
Therapist supply is the hardest problem, and it is a business problem before it is a technical one. You need a credentialing workflow before clients see any therapist profiles. Credentialing takes 2-4 weeks per therapist.
BetterHelp's primary modality is async messaging, not video. Clients and therapists exchange messages throughout the week, with live video or phone sessions as a secondary touchpoint. Build the messaging workspace before you build the video layer.
The matching algorithm matters more than it looks. A bad match -- a therapist who does not specialize in what the client needs -- leads to cancellation within two weeks. Get the intake questionnaire right and use it.
A teletherapy MVP with messaging, video sessions, matching, and HIPAA-compliant infrastructure costs $100K-$200K and takes 16-22 weeks. HIPAA and credentialing add significant cost versus a generic marketplace app.
BetterHelp launched in 2013 with a straightforward idea: therapy should not require a 3-week wait and a 45-minute drive. Put licensed therapists online, let clients communicate via messaging and video, charge a flat weekly subscription, and remove every friction point that keeps people from getting help.
By 2026, BetterHelp has over 30,000 licensed therapists and millions of paying clients. It is not a simple marketplace. It is a regulated healthcare platform with therapist credentialing, HIPAA-compliant communication infrastructure, a matching engine, and subscription billing -- all built on top of a supply network that took years to assemble.
Building something like it means solving the supply problem before the product problem, and HIPAA before both.
TL;DR
The teletherapy model: How BetterHelp actually works
Most people assume BetterHelp is a video call platform. It is not -- or at least, video is not the primary modality.
BetterHelp's core is asynchronous messaging. After matching, a client and therapist share a private messaging workspace. The client can send a message anytime -- at 2am during an anxiety episode, during a lunch break, after a difficult conversation. The therapist responds within 24-48 hours, usually once or twice a day.
Live sessions -- video, phone, or live chat -- are scheduled on top of the messaging relationship. They happen once a week or less for most clients. The messaging workspace is where most of the therapeutic work happens.
This model is important for product architecture. If you build the video session as the primary experience, you are building the wrong product. Build the messaging workspace first. Add scheduled video sessions as a secondary layer.
The business model is subscription: clients pay a flat weekly or monthly rate ($65-$100/week depending on plan). Therapists are paid per word count of messages sent plus a per-session rate for live calls. The platform takes the difference.
HIPAA: Start here, not at the end
Every team that learns HIPAA the hard way finds out the same thing: retrofitting compliance after you have built a product is 5x more expensive than designing for it from the start.
A teletherapy app handles Protected Health Information (PHI) by definition. PHI includes: client names combined with the fact they are using a mental health service, session notes, diagnosis or treatment information, questionnaire responses, and the content of all messages between client and therapist. You cannot anonymize your way out of this -- a therapy platform is a covered entity or business associate under HIPAA.
What HIPAA requires technically:
Encryption at rest: All PHI stored in your database must be encrypted using AES-256. This means column-level encryption for sensitive fields, not just disk-level encryption.
Encryption in transit: TLS 1.2 or higher for all API calls. HTTPS everywhere, no exceptions.
Access controls: Role-based access. A therapist sees only their assigned clients. Support staff see only what they need to resolve a specific issue. No admin-level "see everything" account for general use.
Audit logs: Immutable logs of every access, modification, or deletion of PHI. Who accessed what, when, from which IP. These logs must be retained for a minimum of 6 years.
Business Associate Agreements (BAAs): A signed legal contract with every third-party vendor that touches PHI. This includes your cloud provider, messaging service, video provider, email service, and support tool. AWS signs a BAA. Twilio signs a BAA. Intercom does not -- which means you cannot use Intercom for client support without a custom agreement. Check every vendor.
Incident response plan: A documented plan for what happens if there is a breach. Who gets notified? In what timeframe? What is the remediation process?
Data retention and deletion policy: How long do you keep session notes, message history, and client records? How do you securely delete them when the retention period ends?
What HIPAA violations cost:
$100-$50,000 per violation, depending on culpability
Up to $1.9M per violation category per year
Criminal liability for willful neglect
Design for HIPAA from the first architecture meeting. It is not a compliance checkbox -- it is a product design constraint that affects your data models, your vendor selection, and your infrastructure choices.
AWS is the standard choice for HIPAA-eligible infrastructure. RDS, S3, Lambda, API Gateway, SES, and most other AWS services are HIPAA-eligible under the AWS BAA. This makes AWS the path of least resistance for healthcare applications.
Therapist supply: The hard problem no one talks about
Every teletherapy founder focuses on the client experience first. This is backwards.
A teletherapy platform with no credentialed therapists is a waiting room with no doctors. You need licensed, background-checked, contracted therapists available before a single client can sign up. The credentialing process takes 2-4 weeks per therapist, not 2-4 hours.
What therapist credentialing requires:
License verification: Confirm that the therapist's license (LCSW, LPC, MFT, PhD, PsyD, or equivalent) is active and in good standing in the relevant state(s). The source of truth is each state's licensing board database.
Background check: Criminal background check through a licensed background screening provider (Checkr, Sterling).
Insurance verification: Liability insurance documentation (most therapists carry their own).
Contract and rate agreement: Signed contractor agreement covering pay rates, scheduling commitments, platform policies, and client confidentiality.
Platform training: Walkthrough of the therapist dashboard, messaging guidelines, crisis protocol, and documentation requirements.
This entire workflow needs to be built before you onboard your first therapist. It cannot be a Google Form and a Slack DM. You need a structured onboarding portal where therapists submit their credentials, see the verification status, sign documents, and complete training -- all tracked in your system.
The practical advice: Build the therapist credentialing portal and the therapist dashboard before you build the client app. Credential 10-20 therapists before you open client signups. Then match those therapists with your first clients. A platform that can say "150 therapists available in your state this week" is a platform clients trust.
Core features for v1
Therapist onboarding and credentialing flow
A multi-step onboarding portal for therapists: license submission (upload or state database lookup), background check initiation, document signing, profile creation (specialties, approach, availability), and dashboard access. Status tracking so therapists know where they are in the process.
Client intake questionnaire and matching
A structured questionnaire covering: what brings you to therapy (anxiety, depression, relationship issues, grief, trauma, LGBTQ+ issues), preferred therapist characteristics (gender, religion, age range), format preference (messaging only, live sessions, both), schedule availability, and any specific needs.
The matching engine uses this data to filter therapists by specialty and availability, then ranks by match score. For v1, a rule-based filter is sufficient. Present the client with 3-5 therapist options and let them choose.
Async messaging workspace
The core product. A private, encrypted messaging thread between client and therapist. Clients can send messages anytime. Therapists see a queue of client messages and respond during their available hours. The workspace shows message history from the start of the relationship.
Technically: messages stored in PostgreSQL with column-level encryption. Delivered over HTTPS (not WebSocket -- therapist responses are not real-time, so persistent connections are unnecessary). HIPAA-compliant messaging infrastructure via Twilio Flex or a direct Twilio Programmable Messaging implementation.
Video session scheduling and calling
Clients schedule live sessions from the therapist's available time slots. Sessions happen via HIPAA-compliant video. After the session, the therapist logs a brief session note.
Do not build video infrastructure from scratch. Use Daily.co (HIPAA-compliant, signs BAA, $0.004 per participant-minute) or Twilio Programmable Video (HIPAA-eligible, BAA available). Both are production-ready for clinical use. Daily.co is faster to integrate; Twilio gives more control.
Subscription billing
Clients pay a weekly or monthly subscription. Stripe handles billing -- recurring subscriptions, failed payment retries, prorated upgrades and downgrades. Stripe signs a BAA for healthcare-adjacent applications.
Therapist payouts are calculated weekly based on message word count and live session count. Run payouts via Stripe Connect or direct ACH.
Admin panel
Your operations team needs to: review therapist credentials before approval, monitor client-therapist matches, handle client complaints and reassignment requests, review platform activity for policy violations, and manage billing disputes.
This is not optional infrastructure. Without it, your operations team cannot function, and your therapists cannot be paid correctly.
What BetterHelp does that most clones skip
Therapist specialization tags: BetterHelp therapists tag their specialties (trauma, LGBTQ+, couples, addiction, OCD). The intake questionnaire matches client concerns to therapist specializations. Most clones skip the specialization taxonomy and use generic "therapist available" matching. The result: clients get matched to therapists who are not equipped for their specific needs, leading to early cancellations.
Crisis protocol: BetterHelp explicitly does not handle psychiatric emergencies (suicidal ideation in active crisis, psychotic episodes). Their platform redirects to crisis hotlines and instructs therapists to follow their state's mandatory reporting requirements. Your platform needs the same. Build the crisis referral flow and document the protocol for therapists before you go live.
Therapist message guidelines: BetterHelp provides therapists with guidelines on how to respond in the async messaging format -- response length, frequency, what to cover in weekly summaries. This is soft infrastructure that improves client outcomes. Build it into your therapist training materials.
What to skip in v1
Group sessions: Multiple clients in one session. Complex consent and privacy requirements. Skip for v1.
Journaling features: BetterHelp has an in-app journaling tool clients can share with their therapist. Nice feature, not core. Build it in v2.
Employer and insurance partnerships: Contracting with employers to offer BetterHelp as an employee benefit, or accepting insurance reimbursement. Both are significant business development projects. Focus on direct-to-consumer first.
AI-powered matching: ML-based matching trained on outcome data. You do not have outcome data in v1. Use rule-based matching and improve it later.
Therapist performance analytics: Dashboards showing client retention, session completion rates, satisfaction scores per therapist. Useful for operations -- not for v1.
Tech stack
| Layer | Choice |
|---|---|
| Mobile (iOS + Android) | React Native |
| Web app | Next.js |
| Backend | Node.js (Express or Fastify) on AWS |
| Database | PostgreSQL on AWS RDS (HIPAA-eligible), column-level encryption for PHI |
| Async messaging | Twilio Programmable Messaging (BAA available) |
| Video sessions | Daily.co or Twilio Programmable Video (both HIPAA-compliant with BAA) |
| File storage | AWS S3 (HIPAA-eligible) |
| Email (transactional) | AWS SES with BAA |
| SMS notifications | Twilio (BAA available) |
| Subscription billing | Stripe (BAA for healthcare) |
| Therapist payouts | Stripe Connect |
| Background checks | Checkr API |
| Infrastructure | AWS with HIPAA-eligible services and signed BAA |
How much does it cost to build an app like BetterHelp?
HIPAA compliance adds $20K-$40K to every tier through security architecture, BAA procurement, penetration testing, and legal review. This is not optional overhead -- it is the cost of operating legally in the healthcare space.
| Scope | Timeline | Cost |
|---|---|---|
| MVP (credentialing, matching, messaging, video, billing) | 16-22 weeks | $100K-$200K |
| With mobile apps (iOS + Android) + group sessions | 24-32 weeks | $200K-$350K |
| Full platform (employer partnerships, insurance billing, AI matching, journaling) | 9-14 months | $350K-$600K |
Monthly operating costs after launch at moderate scale (500 active client-therapist pairs): $4K-$12K, covering AWS infrastructure, Twilio messaging and video, Stripe fees, and support tooling.
Why teletherapy platforms are harder than generic marketplaces
A food delivery marketplace matches buyers and sellers of a commodity. A teletherapy platform matches clients with licensed professionals in a regulated relationship that involves sensitive personal information, mandatory reporting obligations, and strict data handling requirements.
The complexity compounds at every layer:
Every vendor you use must sign a BAA. Every message between client and therapist is PHI. Every session note is a clinical record. Therapist matching affects client outcomes, not just satisfaction scores. A mismatch in a food delivery app means a refund. A mismatch in therapy means a client who needed help did not get it.
None of this means you should not build. It means you should plan for the actual cost and timeline of building it correctly -- and work with a team that has done it before.
Why founders choose RaftLabs to build healthcare platforms
Healthcare software is an area where cutting corners creates legal exposure and, more importantly, real harm to real people. RaftLabs has shipped HIPAA-compliant platforms across telehealth, patient intake, clinical workflow, and healthcare AI.
We build the compliance infrastructure alongside the product -- not after it. We know which AWS services are HIPAA-eligible, which vendors sign BAAs, and how to design a PHI data model that survives a compliance audit. We also know how to scope a teletherapy MVP that gets to market in 16-22 weeks without skipping the credentialing workflow that makes the platform trustworthy.
If you are building a teletherapy platform, start with a scoping call. We will tell you what it actually costs, what to build first, and what to defer.
Frequently Asked Questions
- An MVP with therapist onboarding, client intake and matching, async messaging, video sessions, and subscription billing costs $100K-$200K and takes 16-22 weeks. A full platform with group sessions, journaling features, employer/insurance partnerships, and mobile apps for iOS and Android costs $200K-$400K. HIPAA compliance adds $20K-$40K across all tiers through infrastructure setup, BAA procurement, security implementation, and legal review.
- HIPAA applies the moment you store or transmit any Protected Health Information (PHI). For a teletherapy app, PHI includes session notes, diagnosis codes, client questionnaire responses, messaging content, and even the fact that a specific person is using a mental health service. Requirements: AES-256 encryption at rest, TLS 1.2+ in transit, role-based access controls, immutable audit logs, signed BAAs with every third-party service, and a documented incident response plan. Violations start at $100 per incident and can reach $1.9M per violation category per year.
- Clients complete an intake questionnaire covering their concerns (anxiety, depression, relationship issues, trauma), preferred therapist characteristics (gender, age range, religion), session format preferences (messaging-only, video, phone), and schedule availability. The matching engine filters therapists by specialty, availability, and client preference, then ranks by match score. BetterHelp uses this to suggest 3-5 therapists and lets clients choose. For v1, a rule-based filter is sufficient -- matching on specialty tags and availability. ML-based matching comes later, when you have outcome data to train on.
- React Native for iOS and Android client apps. Node.js backend on AWS (HIPAA-eligible services). PostgreSQL for client and therapist data, with PHI fields encrypted at the column level. Twilio Programmable Messaging for HIPAA-compliant async messaging (Twilio signs a BAA). Twilio Programmable Video or Daily.co for HIPAA-compliant video sessions. Stripe for subscription billing. AWS SES with BAA for transactional email. All infrastructure on AWS with HIPAA-eligible services and signed BAA.
- Starting with the client-facing app before solving the supply problem. A teletherapy platform with no credentialed therapists is worthless. The credentialing workflow -- license verification, background check, contract signing -- must be built and tested before you onboard a single client. Teams that skip this end up with a beautiful client app and no one for clients to talk to. Build the therapist onboarding and credentialing pipeline first, then build the client experience on top of an actual therapist network.
