Get your questions answered quickly as you navigate through the desktop app with Weave Quick Help.

Just click on the Question Mark icon in the top right corner to get more information in a pop-up window next to your desktop app, such as:

• WeaveHelp articles relevant to the section of the desktop app you’re in
• Answers through our chatbot with relevant questions and troubleshooting tips
• Weave Academy, where you can start or continue your Weave Education
• A quick link to the Weave Portal, which will open in a new browser window

And when you’re done learning, click the X in the top right corner to get back into your workflow in the desktop app.

We would love to hear how we are doing with this feature. Click here to provide feedback on Quick Help.

Become familiar with Weave terminology used in help guides and training.

Weave Desktop Application (App)

This is where you will use Weave in day-to-day interactions with customers. You can text, call, email, collect payments, and more within the desktop app. Learn how to download. 

Find features and products within the buttons on the home page. 

Search for anything in Weave - including products or customer profiles - and find quick links to popular features using the search bar on the home page. 

Change your location, adjust settings, reach support, and navigate to the Weave Portal within the menu at the top right corner. 

In the top bar, you can quickly:

• Return to the home page 
• Check chats within your team or Weave support
• Change locations (for multi-office accounts)
• See which location you are currently working in
• Access Weave Quick Help

Weave Portal 

Head to the portal in a web browser to see administrative tasks and settings. This is also known as the Admin Portal. Open the Weave Portal. 

Here's what it looks like: 

The navigation bar is the menu on the left side of the Weave Portal. There you will find sections where you can find the settings and features you would like to access.

Other terminology

Ellipses Menu: Sometimes in the desktop app, you'll see an ellipses icon with three dots to signify there are more options available.

Filter: In features and products such as reviews, payments, and schedule, you'll see three funneled lines to signify there are options to filter the results you see.

Notifications: Pop-ups in the app for messages, reviews, and more

Tabs: Different sections you can click at the top of a page, such as in Users in the Weave Portal.

Mobile Application (App): You can download Weave on your mobile device to access messages, phone calls, emails, and more from anywhere. Learn how to download.

Weave Phones: Any phone distributed by Weave

Phone Tree: Prompt customers that call into your office to the correct extension through phone trees. You may have heard similar products called call trees, auto-attendant, or IVR (interactive voice response).

Call Pop: A feature that allows you to see customer information as they call before you answer the phone

Looking for a new feature? Or really enjoying a specific product? Let Weave know using UserVoice, a third party service we've partnered with to make sure we can hear your ideas and suggestions. 

Post your feedback and report bugs by opening the Weave Feedback Portal.

1. Select Sign in in the top right corner
2. Choose to sign in using Facebook, Google, your email, or choose to create an account
3. Select the feedback forum from the right side or bottom of the screen once you are signed in
4. Browse ideas and vote for the ones you like

   Note: Comment on posts by clicking on the number of comments below the post and following the same process you would use to add feedback

5. Enter your feedback by typing in the Enter Your Idea box at the top of the page
6. Choose the category your feedback applies to (optional)
7. Select Post Idea 

Ready to get started? Let's get you logged into Weave. 

Log into Weave

The Weave Desktop App will need to be downloaded on each computer station that needs access to Weave. Follow these instructions to download the Weave desktop app.

Video Overview

Installing the Desktop App

1. Click on one of the buttons below to download the Client Installer
   
   

   Windows version

   Mac version

   Linux version

2. Run the installer
   

   Note: The steps to find the installer will vary depending on the browser you're using

   • • Go to your downloads folder and run the installer

     • Click install > next > finish

3. Log in to the Weave Software

Need to sync your software to your Weave phones? Click here for instructions.

Manually Update Your Weave Desktop App

If you're having trouble with the desktop app, you may need to check for software updates. 

1. Open the desktop app and select the Menu in the top right corner
2. Select Settings
3. Click Updates in the menu. 
4. On the Updates page, select Check Now. 
5. If a new update is available, a green button will appear in the top menu bar.
6. Click the green button and then Restart to initiate the update. 

Making an outbound call to a client is available no matter where you are. There are a few different ways to do it.

To learn how to place a call on your Weave phone, refer to our Phone User Guides. 

New to Weave? Follow this Onboarding Checklist for Admins to get started with Weave.

Before beginning the checklist, make sure you complete the following steps:

Technical Preparation

Weave Plus Onboarding Checklist

1. Software Installation/Configuration

• Download the Weave Desktop App on all computer stations using Weave.
• Add Users to your account. Each person in your office who will be using Weave needs their own unique username and password to log in. 

  Note: If you have a multi-location account, you can use the same password for each location.

• Register and complete Admin Certification Part 1 in Training Camp to learn more about Weave and our services.

2. Phone Customizations

Start thinking about how you want to customize your phones.

• Here are some of the most common phone customization features that are available with your new Weave phone system.

3. Phone Installation

Get ready for your new phones.

• Complete Weave Plus for Admin Certification Part 2 in Weave Training Camp.
• Practice using your new Weave Phones
• Set office hours. This controls when your phones will ring and when specific voicemail greetings will be played.
• If you would like to use the phones before your port date, reach out to your current phone provider and ask them to forward all incoming calls to your Weave test number given during implementation. Calls will come into your main number and ring straight to the Weave phones without downtime.
• Set up voicemail.
• Select hold music.
• Have your staff complete the Weave Plus Essentials for Team Members Weave Training Camp Certification.

4. Transfer (Port) Your Numbers

Weave will become your new phone provider. Make sure your phone numbers are ready for the transfer by ensuring they are NOT tied to:

• • Credit card machines
  • Alarm systems 
  • Internet service
  • Any other services
• If you purchased any additional features, check out our Add-On Certifications at Weave Training Camp.
• Complete Admin Certification Part 3 in Weave Training Camp.

Ongoing Support and Training

• Bookmark WeaveHelp to search for answers to ongoing product questions.
• Attend monthly live WeaveLab Webinars for product updates. You'll see the invitations come across your email.
• Contact support to resolve any technical issues.
• Contact your CSM team at customersuccess@getweave.com for any account-related questions, best practices, or product add-ons.

Additional Product Setup

New to Weave? Follow this Onboarding Checklist for Admins to get started with Weave.

Before beginning the checklist, make sure you complete the following steps:

Technical Preparation

Weave Core Onboarding Checklist

1. Software Installation/Configuration

• Download the Weave Desktop App on all computer stations using Weave.
• Add Users to your account. Each person in your office who will be using Weave needs their own unique username and password to log in. 

  Note: If you have a multi-location account, you can use the same password for each location.

• Register and complete Admin Certification Part 1 in Training Camp to learn more about Weave and our services.
• Upload or add contacts to Weave. You can add your customer base to Weave by
  • Mass Upload (CSV File) - Use these troubleshooting steps if you experience issues
  • Creating Manual Contacts

2. Phone Customizations

Start thinking about how you want to customize your phones.

• Here are some of the most common phone customization features that are available with your new Weave phone system.

3. Phone Installation

Get ready for your new phones.

• Complete Weave Plus for Admin Certification Part 2 in Weave Training Camp.
• Practice using your new Weave Phones
• Set office hours. This controls when your phones will ring and when specific voicemail greetings will be played.
• If you would like to use the phones before your port date, reach out to your current phone provider and ask them to forward all incoming calls to your Weave test number given during implementation. Calls will come into your main number and ring straight to the Weave phones without downtime.
• Set up voicemail.
• Select hold music.
• Have your staff complete the Weave Core Essentials for Team Members Weave Training Camp Certification.

4. Transfer (Port) Your Numbers

Weave will become your new phone provider. Make sure your phone numbers are ready for the transfer by ensuring they are NOT tied to:

• • Credit card machines
  • Alarm systems 
  • Internet service
  • Any other services
• If you purchased any additional features, check out our Add-On Certifications at Weave Training Camp.
• Complete Admin Certification Part 3 in Weave Training Camp.

Ongoing Support and Training

• Bookmark WeaveHelp to search for answers to ongoing product questions.
• Attend monthly live WeaveLab Webinars for product updates. You'll see the invitations come across your email.
• Contact support to resolve any technical issues.
• Contact your CSM team at customersuccess@getweave.com for any account-related questions, best practices, or product add-ons.

Additional Product Setup

For some actions in the Weave app, you'll have to have a specific role. See what role you currently have:

1. Open the Weave Portal on your web browser
2. Select Account from the left menu
3. Click Users from the dropdown
4. Find yourself in the Users list

From here, you can see your role to the right of your name. If you have the Admin role, you can also edit and add users. If you do not, ask the admin in your office to make changes.

Quickly login to your Weave account to see a history of your charges and payments.

1. Login to the Weave Admin Portal
2. Select Account in the left side bar
3. Click Billing

Below your payment information, you’ll see a list of invoices. They are categorized by date but also include an invoice name to reference with Weave support if needed.

Paid status means paid in full. Any partial payments will still appear as unpaid on the invoice history.

Select the Dropdown Arrow next to an invoice to see a quick breakdown of the charges. Select the Preview icon for a more detailed report.

Export Your Invoice as a PDF

1. Login to the Weave Admin Portal
2. Select Account in the left side bar
3. Click Billing
4. Select the Preview icon next to the invoice you would like to export
5. In the top right corner, select the PDF icon
6. Use your computer’s system to either print the invoice or save it to your computer as a PDF

Change or update the billing information for your Weave subscription with ease through the Weave portal.

Add a Payment Method:

1. Login to the Weave Portal

2. Select Account in the left side bar

3. Click Billing

4. Select the+ Plus icon on the right side

5. Update your payment information by filling out fields:

• Payment Type

• Card/Account Holder

• Card/Account Number

• CVV

• Zip

• Expiration Date

6. Select Submit

Choose Your Primary Card

1. Click the down arrow next to the payment info

2. Toggle on Make Primary Payment Method

Note: If another card is designated as the primary payment method, its toggle will automatically change.

Delete a Payment Method:

1. Click the down arrow next to the payment info

2. Select Delete Payment Method

Note: In order to delete a payment method on file, you must have another payment method marked as primary.

All staff members in your office who will be using Weave must have their own login with their own user email and password. This is a HIPAA requirement for security purposes. This article explains how to add, edit, or delete a Weave user.

You can add and manage users in your Weave Portal. Select the appropriate tab below for instructions to add, edit, or delete a user.

Steps to verify your data source to get your data syncing to Weave.

Verify Your Data Source

Once Weave connects with your Practice Management Software, you will need to verify your data source in order for the data to start syncing. This keeps your data safe and secure in the data syncing process.

To verify your data source,

1. Go to your Weave Portal
2. Select Data Sources from the left side menu
3. Click on the settings icon next to the data source you wish to verify
4. Select Verify from the dropdown menu
5. Answer the verification question

   Note: You will need to reference your Practice Management Software and/or scheduling system to properly answer the question. 

6. Select Verify Data

If you answered the verification question correctly, the status will change to Verified and your data will be syncing with Weave.

If you answered the verification question incorrectly, it will lock the data source. You will need to contact our Support team to have it unlocked before trying again.

Verification Statuses

• Not Verified:  This means that the data has not yet been verified by your office.
• Locked: This means that the data verification failed. Contact our Support team to have it unlocked before trying again.
• Verified: This means that you successfully verified the data source and your data is properly syncing with Weave.

Hey, it happens! If you have forgotten your Weave password, follow these instructions to reset your password.

Reset My Password

1. From the login screen on your Weave Desktop App, click on Reset Password below the sign in section
2. Click Sign in once directed to the Weave Portal and then Need Help Signing In? 
   

   Note: For best results use Google Chrome. Windows Explorer is not supported by this application

3. Select Forgot Password?
4. Type in your email address that you use to log into Weave
   

   Tip: If you cannot remember the email address you use for logging into Weave, ask your office administrator to look at your user account in the Weave Portal and give you the email associated with your user profile.

5. Click Reset via Email
6. Click on the link in your email to go to the reset password screen

1. Type in a new password
2. Type in the password again for verification
3. Click Reset Password
   

You can now log into your Weave Desktop App with your new password.

Reset Another User's Password

If one of your staff members have forgotten their password, you can send a password reset request from the Weave Portal. 

1. Click the menu icon at the top right corner of your desktop app
2. Select Admin Portal to open up the Weave Portal in your internet browser
3. From the menu on the left, select Account
4. Select Users from the dropdown
5. Click on the pencil icon next to the user's name that you would like to edit
6. Click Reset Password
7. Instruct the team member to pull up the email or text from Weave to finish resetting their password

Once the team member finishes resetting their password, they will be able to log into Weave.

Several laws in the US and Canada regulate communications between businesses and their customers. These laws include, but are not limited to, the TCPA, CAN-SPAM, and CASL. Additionally, the US wireless communications industry has published principles and best practices regarding text communications. The underlying goal of these regulations and best practices is to protect consumers against unwanted communications. Weave is your partner in understanding these requirements and ensuring that your messages are delivered to your customers with minimal disruption.

The following information regarding these laws is not legal advice and is provided for information purposes only. You are encouraged to seek competent legal counsel for specific guidance related to compliance with these laws.

TCPA

The US Telephone Consumer Protection Act (TCPA) regulates telemarketing calls, auto-dialed calls and text messages, artificial or pre-recorded calls, and unsolicited faxes. The TCPA requires prior express consent to send text messages to customers. While there are some exemptions to TCPA requirements for certain healthcare-related communications under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), TCPA requirements still apply to marketing communications and any other non-healthcare-related communications. For example, text messages which contain marketing or advertising content require you to obtain prior express written consent from your customers.  

You can learn more about the TCPA from the Federal Communications Commission’s (FCC) FCC website . 

TCPA exemptions for healthcare providers

The TCPA provides exemptions specifically for healthcare-related calls and text messages which apply to HIPAA-covered entities, created by the FCC in its Declaratory Ruling and Order on July 10, 2015 . Under one exemption, calls or texts made by or on behalf of a covered entity or its business associate and which have a healthcare treatment purpose do not require the prior express written consent of the receiving party. Such calls or messages include:

• Appointment and exam confirmations and reminders
• Wellness check-ups
• Hospital pre-registration instructions
• Pre-operative instructions
• Lab results
• Post-discharge follow- up intended to prevent re-admission; prescription notifications
• Home health care instructions

The following additional conditions for each exempted voice call or text message, made by or on behalf of a healthcare provider, must be met:

• Call or text message must be sent only to the mobile number provided by the patient.
• Name and contact information of the healthcare provider must be stated at the beginning of each call or included in each text message.
• Limit calls and text messages to one per day and no more than three calls or text messages per week.
• Calls and texts messages must comply with the HIPAA Privacy Rule.

Despite these exemptions, you should always discuss with your customers what information may be communicated via text, especially sensitive information. It is important to note that texts related to accounting, billing, debt collection or containing other financial content or texts that include advertising content are not part of this exemption. Additional detail can be found in the FCC’s July 2015 Declaratory Ruling and Order. 

CAN-SPAM

The Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM) establishes requirements for commercial emails and gives recipients the right to have you stop emailing them. CAN-SPAM applies to all commercial email messages, which the law defines as “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service.” CAN-SPAM’s primary requirements include:

• Email header and routing information must be accurate and identify the person or business who initiated the message.
• The subject line should not be deceptive and must accurately reflect the content of the message.
• Message must be identified as an ad.
• Messages must include your valid physical postal address.
• Messages must include a way to opt-out of receiving further messages.
• Honoring a recipient’s opt-out request within 10 business days.

You can learn more about CAN-SPAM from the Federal Trade Commission (FTC) website and the FTC’s compliance guidelines . 

CASL

Canada’s anti-spam legislation (CASL) regulates commercial electronic messages (CEM) that are sent to or by Canadians. A CEM is any electronic message (including a text or email) that encourages participation in a commercial activity. For example, a CEM would include a text or an email that offers to provide a service or a product (including a text or email that contains a coupon or describes a promotion). CASL does not apply to a pure service message (such as a simple reminder of an existing appointment), unless the message also encourages participation in a commercial activity (such as a reminder of an existing appointment which also promotes a sale on other services). 

Key requirements of CASL include:

• Before sending a CEM, the sender must have an express consent or an implied consent from the recipient, or fall within one of the exemptions specified in CASL. You can learn more about the requirements for express and implied consent and exemptions here . 
• Unless the sender has a complete exemption from CASL, the CEM must include (1) the name by which the sender carries on business, if different from its name, and if not, its actual name, (2) the sender’s mailing address and either a phone number or an email address or web address, valid for 60 days, and (3) an unsubscribe mechanism that allows the recipient to opt-out of receiving all future CEMs.
• The unsubscribe mechanism must be available to the recipient without cost, be easy to use, and must use the same electronic means as the CEM. The sender must process an unsubscribe request without delay, and in any event within 10 business days.
• CASL regulators expect senders to have a CASL corporate compliance program and CASL training materials. CASL also imposes certain record keeping requirements relating to express consents, implied consents, opt-outs, and CEMs. Weave does not maintain those records for you. For information on these requirements, see the links provided below or speak with your lawyer.

You can learn more about CASL from the Canadian government’s overview and frequently asked questions .

CTIA Messaging Principles and Best Practices

The CTIA , an organization representing the US wireless communications industry and companies throughout the mobile ecosystem, has developed and published Messaging Principles and Best Practices (Principles and Best Practices). The Principles and Best Practices reflect the wireless industry’s efforts to preserve the trust in the messaging services provided by the mobile network operators (MNOs), such as Verizon, AT&T, and T-Mobile. The Principles and Best Practices also support a wireless messaging community where message senders and consumers can exchange wanted messages and while still protecting consumers from unwanted messages, in conformity with applicable laws and regulations, such as TCPA and CAN-SPAM.

The Principles and Best Practices include parameters for facilitating business text messages, also known as “non-consumer” or “Application-to-Person” (A2P) messages, such as those sent by Weave subscribers through the Weave service. Regardless of regulation, the CTIA recommends that all A2P message senders should take the following actions to maintain consumer confidence in messaging services:

• Obtain a consumer’s consent to receive messages generally.
• Obtain a consumer’s express written consent to specifically receive marketing messages.
• Ensure that consumers have the ability to revoke consent.

Consent may vary upon the type of message content exchanged with a consumer. The Principles and Best Practices provides examples of the types of messaging content and the associated consent that should be expected for A2P messages.

10DLC Brand and Campaign Registration

In addition to the CTIA Principles and Best Practices, the mobile network ecosystem has been working to find ways to better support businesses sending A2P messages to consumers and reduce the number of spam text messages that consumers receive. In 2021 the MNOs began implementing standards to register and validate businesses that send A2P messages using 10-digit long codes (10DLC) (a 10-digit telephone number designed for A2P messaging). This is referred to as “brand” and “campaign” registration and validation. Providing visibility into the source and content of A2P messages allows the MNOs to provide more reliable and trustworthy messaging services. Businesses that send A2P messages via 10DLCs are required to register their brand and messaging campaigns through their service providers, like Weave, to take advantage of increased messaging deliverability and throughput, and avoid potential fees or disruption to texting services. Businesses that are registered and verified with the MNOs are less likely to be flagged for sending spam messages. You can find more information about these requirements here .

Your Responsibility to Use Weave in Compliance with the TCPA, CAN-SPAM, CASL, and other best practices

Weave text and email features have been designed with features to support you in complying with the TCPA, CAN-SPAM and CASL and enable you to make the most of your communications with customers. However, primary responsibility for compliance with TCPA, CAN-SPAM, CASL, and other best practices rests with you. You are responsible for the communications that you cause to be sent through the Weave service and for ensuring that those communications comply with all applicable laws. This includes, but is not limited to:

• Obtaining, documenting, and tracking customer consent.
• The content and frequency of communications.
• Promptly honoring opt-out and withdrawal of consent requests.

More details on your responsibility for compliance with laws and regulations can be found in Weave’s Terms of Service .

Weave has implemented the following features which support you in complying with the TCPA, CAN-SPAM, CASL, and the CTIA Principles and Best Practices:

Text messaging

• All automated texts have opt-out instructions appended to the end of the message. Additionally, regardless of the type of text message, the standard "STOP" reply will automatically unsubscribe customers from further text message communications. You can learn more about how customers can opt out of texts here . 
• Our default text message templates include the name of the subscriber (e.g., "Hello {first name}, this is {subscriber name}"). These templates can be modified by you to include additional information, including contact information, message frequency, and applicable terms and conditions.
• Weave is your partner in registering and validating your 10DLC messaging brand and associated messaging campaigns with the MNOs and their partners. The majority of our existing subscribers’ brands and campaigns are already registered and validated. New subscribers are registered and validated during the onboarding process. 

Email marketing

• Weave’s email marketing tool includes the following information as standard at the bottom of every email campaign:
• Unsubscribe instructions and automatic opt-out when requests are received
• Business and contact information, including postal address
• Required email subject and “From” email address for every email campaign.

Keep in mind, we aren’t your lawyers, so we cannot give you legal advice. Compliance with the TCPA, CAN-SPAM, CASL and other applicable laws, regulations or best practices will depend on your particular use case and context. This information should not be relied upon as legal advice or to determine how legal requirements apply to your use of the Weave service. We encourage you to seek guidance from your legal counsel regarding the requirements of TCPA, CAN-SPAM, and CASL and other relevant laws and regulations to ensure compliance.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that seeks to improve the efficiency and effectiveness of the healthcare care system, while also establishing national standards for privacy and security protections for health information. The following information regarding HIPAA is not legal advice and is provided for information purposes only. Weave encourages you to seek legal advice from an attorney to obtain specific guidance-related compliance with HIPAA and the requirements applicable to your business.

HIPAA includes three primary rules:

• The Privacy Rule establishes standards for the protection of certain protected health information (PHI).
• The Security Rule establishes security standards for protecting the confidentiality, integrity, and availability of PHI held or transmitted in electronic form, otherwise known as electronic protected health information (ePHI). 
• The Breach Notification Rule establishes standards for notification following a breach of unsecured PHI.

HIPAA generally applies to health plans, health care clearinghouses, and to most healthcare providers. These are referred to as “covered entities.” Additionally, persons or entities (like Weave) who perform functions or activities on behalf of a covered entity that involve access to PHI may also be considered “business associates” subject to certain HIPAA standards. 

You can learn more about HIPAA requirements from the Department of Health and Human Services (HHS). 

It’s important to know that HHS does not endorse or recognize private organizations’ HIPAA “certifications”. Some service providers may claim that they or their systems are “HIPAA compliant” or “HIPAA certified”. These claims are misleading, as compliance with HIPAA and other applicable laws and regulations will depend on your particular use case and context. 

Weave is committed to protecting your data, including the PHI of your patients. Weave has been designed with features to support you in complying with HIPAA, while also enabling you to make the most of your communications with patients. However, primary responsibility for compliance with HIPAA rests with you. You are responsible for your use of the Weave service and for ensuring that your use of the Weave service complies with HIPAA and other applicable laws. This includes, but is not limited to:

• Taking your own steps to maintain appropriate security and privacy protections, including properly limiting access to the Weave service. 
• Ensuring that all communications sent through the Weave service comply with the HIPAA Privacy and Security Rules, including calls, texts, faxes and email marketing messages. 
• Notifying Weave of any of your policies, agreements or restrictions to which you have agreed that may affect Weave’s performance of services, and any changes in, or revocation of, permission by an individual to use or disclose PHI, to the extent that such changes may affect Weave’s use or disclosure of PHI.

Our legal, compliance, and security teams work across the company and alongside our customers to understand and meet customer needs. Weave has implemented the following safeguards to meet HIPAA requirements:

• Weave has established and implemented policies governing the protection and use of PHI. 
• Weave has implemented administrative, technical, and physical safeguards for protecting PHI. Weave regularly reviews and enhances safeguards based on risk assessments. Safeguards in place include:
• Logical and physical access controls are employed to ensure that only authorized personnel access PHI.
• Encryption of data in-transit and at rest. Weave employs industry standard TLS 1.2+ and HTTPS encryption when transferring data between subscribers and Weave’s infrastructure. All subscriber data is encrypted at rest using AES-128-bit symmetric encryption keys or better.
• Security awareness training and education for all Weave personnel.
• Incident detection and response capability to detect and respond to security incidents and appropriately report any unauthorized access or use of PHI.
• Data is regularly backed up and replicated to geographically dispersed locations, which allows us to quickly recover and restore data and systems in the case of data corruption or loss.
• Weave’s privacy and security safeguards are reviewed and assessed by independent advisors. 
• Weave has established a standard business associate agreement (BAA), which is an addendum to our standard Terms of Service. Our Terms of Service and BAA, together with our Privacy Policy, are designed to address Weave’s commitments for protection and use of personal information and PHI, per HIPAA, and other applicable privacy laws and regulations. Weave only uses your data to provide the Weave service to you, except with your prior written consent or as otherwise expressly permitted under the Terms of Service or BAA.
• Weave ensures that its subcontractors and personnel authorized to access PHI are bound by appropriate obligations of confidentiality or a BAA.

Below is additional information of which you should be aware and that will help you comply with HIPAA when communicating through the Weave service:

Team Chat

• Team Chat is designed to support secure communication between team members, with all messages encrypted in transmission and at rest.

Messages

• Weave Messages can be used to communicate in a manner that is compliant with HIPAA. However, it is your responsibility to discuss with your patients what information may be communicated via text, especially sensitive information and PHI. Text messages sent through Weave are transmitted via traditional SMS text message methods. Traditional SMS text messages are generally considered an insecure mode of communication, as texts are not encrypted in transit and there are limited controls over the message after it is sent. Compliance with HIPAA when sending texts will depend on the content of the text and other factors.

Fax

• Faxes sent through Weave are encrypted at rest with a unique encryption key for each customer. Additionally, Weave encrypts faxes sent through Weave. However, you should apply reasonable safeguards when sending PHI through fax to protect the information from inappropriate use or disclosure. More guidance is available by visiting the HHS website.

Email Marketing

• The Email Marketing feature was designed for our subscribers to communicate updates, promotions, and newsletter-type information with their patient base. Weave's Email Marketing feature was not designed for the purpose of communicating ePHI. Accordingly, the Weave Email Marketing feature does not include end-to-end encryption or other security features which would protect the contents of an email, such as sensitive ePHI, while in transit to the intended recipient. Emails sent to customers through Weave Email Marketing should never include sensitive information, and you should always discuss with your customers what information may be emailed to them.
• The HIPAA Privacy Rule provides individuals important controls over whether and how their PHI is used and disclosed for marketing purposes as that term is defined by HIPAA. With some exceptions, the Privacy Rule requires an individual’s written authorization before a use or disclosure of his or her PHI can be used for marketing. Compliance with the Privacy Rule while using Weave’s Email Marketing will depend on the content of the email and other factors. You can learn more about HIPAA and marketing by visiting the HHS website. 

Digital Forms

• Forms sent and received through the Digital Forms service are encrypted in transit and at rest. 

Call Recordings

• Call recordings are encrypted at rest with a unique encryption key for each customer. 

Keep in mind, Weave cannot give you legal advice. Compliance with HIPAA and other applicable laws and regulations will depend on your particular use case and context. This information should not be relied upon as legal advice or to determine how legal requirements apply to your use of the Weave service. Weave encourages you to seek guidance from your legal counsel regarding the requirements of HIPAA and other relevant laws and regulations to ensure compliance.

The Weave service may be purchased only by customers located in the United States (including Puerto Rico) or Canada and is intended for use only in those locations. Weave makes no representations or warranties that the service is appropriate or available for use outside of the United States or Canada.

Subscribers that choose to access or use the Weave service from outside the United States or Canada do so at their own risk and are entirely responsible for compliance with local law, including, but not limited to export and import regulations. In addition, the Weave service is subject to United States export laws and regulations and may not be exported or re-exported to certain countries or those persons or entities prohibited from receiving exports from the United States.

You can read more about the location of the Weave service and other restrictions on use of the service in our Terms of Service.

Before you attempt to use or access the Weave service in other locations, please consider the following:

• Weave does not provide support for customers using the service outside of the United States or Canada.
• Weave does not ship VoIP telephones to locations outside the United States or Canada.
• The Weave mobile app can only be downloaded in the United States or Canada.
• Weave may block individuals from certain geolocations from downloading and updating the Weave desktop app.
• Weave may restrict accessing or using the service if we reasonably believe you are using the service outside of the United States or Canada.
• E911 service is not supported for VoIP phones located outside of the United States, Puerto Rico, or Canada. (See additional information below.*)
• Your VoIP call quality may suffer if you use the VoIP phones and service outside the United States or Canada. (See additional information below.**)

* PLEASE NOTE: Weave cannot provide E911 support for customers who use the service outside of the United States, Puerto Rico, and Canada. We want to make sure that you are aware of important differences in the way 911 service operates with a VoIP phone when compared with traditional telephone service. With traditional phone services, your 911 call is sent directly to the nearest emergency response center. With VoIP phone service, your 911 call is forwarded to a third-party service provider that will automatically or manually route your call to the emergency response center. Weave will attempt to provide the emergency operator with your service address, so it is important that your information on file with us is always accurate and updated. Weave currently only supports registration of E911 addresses located in the United States, Puerto Rico, and Canada. If you attempt to call 911 from a Weave VoIP phone located outside of the United States, or Canada, the emergency operator may assume that you are calling from the last registered address. You can update your E911 address at any time in the Weave Admin Portal. For a complete description of our VoIP service and limitations of E9-1-1 service, please see this important E911 information and Weave’s VoIP Terms of Service.

** PLEASE NOTE: VoIP call quality is impacted by internet bandwidth and congestion, priority routing rules, and latency, among other factors. Call quality may be impacted by the location of your VoIP phone relative to Weave’s infrastructure, located in data centers located in the United States. If you choose to relocate your physical VoIP phones outside of the United States or Canada and attempt to receive or make calls, your call quality is likely to be significantly degraded. For example, typical round trip time between the United States and Australia is around 200-300 milliseconds. To avoid degraded call quality, round trip time should ideally be no more than 120 milliseconds.

Weave is committed to keeping your data secure as it builds great technology for small businesses. As operating systems stop receiving security updates, they can no longer protect your customer data effectively. 

To benefit from everything Weave has to offer, a supported operating system must be installed on each of your desktops and/or servers.

Desktop App Requirements

The Weave Desktop App will be installed on each computer station in your office that needs access to Weave. We follow the same lifecycle that Microsoft employs to keep its software secure. We plan to support Windows 10 until its current retirement date of October 14, 2025 (subject to change).

The following is a list of supported desktop operating systems and when each will no longer be considered secure, thus not supported by Weave.

Windows 10

Other Compatible Windows Versions

MacOS

Software requirements change over time, so make sure to keep your computers updated. For more detailed information on how to upgrade to a supported desktop operating system, you can reference these pages from Microsoft and Apple.

Server Requirements

If you signed up for the integrated version of Weave and have a server-based Practice Management Software, a sync application will need to be installed on your server. 

The following is a list of supported server operating systems and when each will no longer be considered secure, thus not supported by Weave.