SMS Privacy Policy

Last updated: May 4, 2026

Scope

This SMS Privacy Policy describes how DocsDocs and its subscribing dental practices handle mobile phone numbers, consent records, and the content of SMS messages exchanged with patients. It supplements the general DocsDocs Privacy Policy and the Business Associate Agreement (BAA) between DocsDocs and each subscribing practice.

What we collect

  • The mobile phone number provided by the patient to the subscribing practice.
  • The patient's opt-in record: how consent was captured (paper form, digital form, verbal log, keyword reply), the timestamp, and the staff member or form that captured it.
  • The content of SMS messages sent and received between the practice and the patient via the practice's assigned phone number.
  • Delivery metadata returned by the SMS carrier (delivered, failed, opt-out keyword received, message segment count).

How we use it

  • To deliver the messages described in our SMS Consent & Messaging Policy: appointment reminders, recall and recare, treatment-plan follow-ups, billing notices, post-visit care instructions, and two-way conversations between the practice and the patient.
  • To honor opt-out requests (STOP, END, CANCEL, UNSUBSCRIBE, QUIT) and HELP requests as required by carrier and regulatory rules.
  • To maintain an audit trail of consent and message activity as required by HIPAA, the Telephone Consumer Protection Act (TCPA), and applicable state law.
  • To diagnose and resolve message-delivery issues with the carrier.

We do not share for marketing

Mobile opt-in data and consent will not be shared with third parties or affiliates for marketing purposes. DocsDocs does not sell, rent, or trade mobile phone numbers, opt-in records, or SMS message content.

We share data only with:

  • The subscribing dental practice that the patient is a patient of.
  • The SMS carrier (Twilio Inc.) that transmits the message, under a signed Business Associate Agreement, solely to deliver the message.
  • Government or regulatory bodies when required by law (for example, in response to a subpoena or HIPAA breach investigation).

How long we keep it

Mobile phone numbers and consent records are retained for the duration of the patient's relationship with the subscribing practice plus the period required by applicable state dental record-retention law (typically 7 to 10 years from the last date of service). SMS message content is retained for the same period as part of the patient's communication record.

Security

Mobile phone numbers and SMS content are encrypted in transit (TLS) and at rest. Access is restricted to authorized staff of the subscribing practice and to DocsDocs personnel under strict role-based access controls and HIPAA workforce policies.

Patient rights

Patients may, at any time:

  • Opt out of SMS by replying STOP (or any of the keywords listed in our SMS Consent & Messaging Policy).
  • Request a copy of their consent record and SMS history from the subscribing practice.
  • Request correction or deletion of their mobile phone number, subject to the practice's record-retention obligations under HIPAA and state dental law.

Contact

Privacy questions related to SMS may be directed to privacy@docs-docs.com. General support questions may be directed to support@docs-docs.com.