Knowledge Base

⌘K
  2. Home
  4. Docs
  6. Knowledge Base
  8. Message Setup
  10. Secure Messaging

Secure Messaging

Secure Messaging is currently in BETA. To request access, please email us at support@apptoto.com.

Apptoto’s Secure Messaging feature gives you an added layer of privacy when communicating with your clients via SMS or email. Instead of sending message content directly, clients receive a secure link to view the conversation. This ensures sensitive information stays protected.

What is Secure Messaging?

When you enable Secure Messaging, Apptoto sends a link to a private conversation page instead of including the message content directly. Clients must click the link within a certain number of hours to view the message. After the link expires, clients can request a new one through the same conversation page.

How to Set Up Secure Messaging

To turn on Secure Messaging:

  1. Navigate to Messaging > Secure Messaging in your Apptoto account.
  2. Toggle the Enable Secure Messaging option to ON. Set up secure messaging by toggling "enable secure messaging" on.
  3. Set your secure message subject (email only), body, and link expiration timing.Adjust secure messaging settings include message content and link expiration timing
  4. For enhanced security, add a default PIN that each contact must enter after receiving their secure link to access their messages.
    • Note: You can customize PINs on a contact-by-contact basis if needed.Require a PIN for clients to access their secure messages for added security
  5. Click “Save Settings.”

Controlling Which Messages are Sent Securely

  1. Navigate to Messaging > Appointment Auto Messages tab in your Apptoto account.
  2. Choose an existing text or email message from your existing Message Schedule, or create a new message.Edit an existing appointment auto message by selecting the vertical menu
  3. A new toggle will appear on the Message Editor screen, “🔓Send Securely.” Toggle this on.Toggle individual message on to send securely
  4. Repeat for all additional email or text messages you’d like Apptoto to deliver securely.
  5. Click “Save Settings” on the Appointment Auto Messages tab.

Once enabled, any SMS and email messages you’ve set to “send securely” will be delivered using the secure message format.

Customizing Secure Message Templates

You can customize the subject and body of the secure link message sent to clients:

You've received a secure message from {{ user.name_and_company }}

Secure Link Message Body:

You've received a secure message from {{ user.name_and_company }}, click here to view the conversation: {{ secure_link }}

Note: {{ secure_link }} will automatically insert the unique, time-limited link for the client to access the conversation.

Secure message links are valid for 24 hours by default. Using step 3 above, you can set links to expire after 10 days, 6 months, or 1 year instead.

If a client or patient clicks an expired secure link, Apptoto will prompt them to request a new one. There is no need for you to resend the message.

Using Contact PINs for Additional Security

To add another layer of protection, you can require clients to enter a PIN before viewing a secure message.

There are three ways to configure this:

  1. Set a default PIN for all contacts.
    • Add a default PIN for all contacts (unless a custom PIN is set per contact) in the Default Contact PIN field under Messaging > Secure Messaging.
  2. Manually set a PIN for a specific contact.
    • First, navigate to the Contacts tab. Click the Edit icon (pencil/paper) next to your contact’s name, enter a PIN in the Secure PIN field, and click Save.
  3. Use a Default Contact PIN from your address book.
    • You can define a default PIN using a custom field from your address book. For example: {{ custom.my_secure_pin_field }} where “my_secure_pin_field” is replaced with the name of your secure PIN field.

When a secure message is sent to a contact with a PIN on file, they must enter it before they can view the conversation.

Complete step-by-step instructions for setting up PINs can be found in the “Secure Messaging Contact PINs” knowledge base article.

Frequently Asked Questions

1. What happens if the client doesn’t view the message within 24 hours?

They can visit the original link, and a button will be provided that will allow them to request a new one. Apptoto will automatically generate a fresh link without any action needed on your part.

2. Can I track if contacts view their secure messages?

You can use the Apptoto Log (located under Tools > Log) to track secure message activity.

For email messages, the log shows whether the recipient opened the email message and/or whether a PIN was entered (if enabled).

For SMS messages, the log does not show if the SMS message was opened. However, if the client clicks the secure link and enters a PIN, the log will reflect that activity, indirectly confirming that the message was viewed.

3. Is Secure Messaging HIPAA compliant?

Secure Messaging helps protect sensitive data. However, full HIPAA compliance depends on your organization’s usage and policies. Please consult your compliance officer for guidance.

Articles