Text patients a document request. They reply with insurance cards, intake forms, and IDs.
HIPAA-compliant from send to storage.
BAA included on all plans. No credit card required.
No patient portal. No paper forms. Secure SMS that any patient can respond to from their phone.
A HIPAA-compliant SMS exchange between a medical office and a patient before their appointment.
All documents encrypted • Audit trail logged • PHI protected
Collect patient documents before their appointment — securely, via text, without the patient navigating a portal.
Every SMS sent through MagicDocs meets HIPAA security requirements. Messages containing PHI are encrypted end-to-end. Automatic data retention policies ensure documents are handled according to your compliance framework.
Text patients a request for insurance cards, intake forms, or ID photos. They snap a picture and reply. Documents arrive in the patient file — encrypted, logged, and sorted — without the patient visiting the office or navigating a portal.
Send patients a text link to complete intake forms before their appointment. Medical history, medication lists, and consent forms — collected digitally via a HIPAA-compliant flow that works on any smartphone browser.
MagicDocs provides a Business Associate Agreement as part of healthcare plans. We accept responsibility for safeguarding PHI under the HIPAA Privacy and Security Rules. Your compliance team can review our BAA before you start.
Every document received, accessed, and shared generates an immutable audit log entry. Who accessed what, when, and from where — the complete chain of custody that compliance officers and auditors require for HIPAA documentation.
Patients who have not submitted requested documents receive HIPAA-compliant text reminders automatically. Configurable timing and frequency ensure you collect what you need before the appointment — without your staff making reminder calls.
Every feature in MagicDocs Healthcare is built on HIPAA-compliant infrastructure from day one.
AES-256 at rest, TLS 1.3 in transit. All PHI is encrypted before it touches storage.
Role-based access ensures only authorized staff see patient documents. Minimum necessary standard enforced.
Immutable logs for every document access, download, share, and deletion. Exportable for compliance audits.
Business Associate Agreement included with healthcare plans. Review before you start — no surprise terms.
Configurable retention policies per document type. Automatic purge schedules aligned to your compliance requirements.
In the unlikely event of a breach, MagicDocs follows the HIPAA Breach Notification Rule timeline and procedures.
Get started today. Plans from $9/month.
All plans include HIPAA compliance. BAA available on Starter and above.
Everything healthcare providers ask about HIPAA-compliant SMS document collection.
Yes. MagicDocs implements the administrative, physical, and technical safeguards required by the HIPAA Security Rule. This includes encryption of PHI at rest and in transit, role-based access controls, comprehensive audit logging, automatic session timeouts, and workforce training documentation. We provide a Business Associate Agreement (BAA) and can share our compliance documentation with your team before you sign up.
Yes, with appropriate safeguards. MagicDocs SMS messages comply with HIPAA by ensuring that PHI in text messages is minimized and that the document exchange itself happens through encrypted channels. Initial outreach messages contain no PHI — they simply request the patient to submit documents. The patient replies with documents which are encrypted immediately upon receipt.
Yes. A BAA is included with all healthcare plans and must be signed before your first patient interaction. The BAA defines our responsibilities for protecting PHI, outlines breach notification procedures, and establishes the permitted uses of patient data within the MagicDocs platform. Your compliance team can review the BAA during your onboarding period.
Insurance cards (front and back), photo ID for identity verification, completed intake forms, medication lists, medical history questionnaires, consent forms, prior authorization documents, referral letters, and any other document that can be photographed or attached to a text message. MagicDocs handles images, PDFs, and common document formats.
All patient documents are encrypted with AES-256 at rest and stored in SOC 2 compliant infrastructure. Access is controlled by role-based permissions — only staff members with the appropriate role can view patient documents. Every access generates an audit log entry. Documents can be configured with automatic retention and purge schedules per your compliance requirements.
All inbound messages are encrypted immediately upon receipt. MagicDocs does not display PHI in notification previews or email alerts. Patient replies — including any text they write and any documents they attach — are processed through our HIPAA-compliant pipeline and stored encrypted. Staff can only view content through the authenticated, access-controlled dashboard.
Text patients a document request before their appointment. Insurance cards, IDs, and intake forms — collected securely via SMS.
HIPAA compliant. BAA included on all plans.