Texting patients from personal phones is the most common HIPAA violation we see in dental — here is the compliant alternative.
Signed Business Associate Agreement with your vendor, encryption in transit and at rest, access controls, audit logging, and workforce training.
DDSText includes a BAA on every paid plan with no upcharge. Details on /hipaa-baa and /security.
Do not use iMessage, WhatsApp personal, or staff cell cameras for clinical photos. Do not paste PHI into consumer AI chatbots.
Compliance officers should export a sample audit log, verify BAA countersign dates, and confirm sub-processor list matches /hipaa-baa before an OCR review.
Our 2026 benchmark reports 41% of surveyed practices still use personal phones for patient texts — see /guides/dental-texting-benchmark-2026 for methodology.