This page documents DocFindMe's SMS consent process for carrier and messaging platform compliance review. It shows the exact consent language users see, where and when it appears, and confirms that SMS OTP verification is required for all users to access the Service.
1. How SMS OTP Works in DocFindMe
DocFindMe is a HIPAA-compliant digital health platform. All users — patients, doctors, and backup emergency contacts — must verify their identity via a one-time SMS passcode before they can access the Service. SMS OTP is the primary and required identity verification mechanism regardless of whether the user also uses Google OAuth or email.
Who receives SMS
All users (patients, doctors, backup contacts)
Message type
One-time passcode only — no marketing messages
Message frequency
Varies — one message per login or code-resend request
2. Consent UI — What Users See
The consent disclosure is displayed directly on the login screen, immediately above the "Send Verification Code" button. Users cannot tap the button without first seeing this text. Below is an accurate representation of the login screen as shown to users.
Enter your phone number
We'll send a 6-digit verification code
By tapping "Send Verification Code" you consent to receive a one-time SMS passcode from DocFindMe for identity verification. Message frequency varies. Msg & data rates may apply. Reply STOP to opt out or HELP for support. See our Privacy Policy.
The consent text is rendered in the login UI above the "Send Verification Code" button on every login attempt. Google OAuth and email are shown as alternative entry methods, but all paths to the Service ultimately require SMS OTP verification to confirm identity.
3. Exact Consent Disclosure Text
The following is the verbatim text displayed to every user on the login screen before any SMS is sent. This exact text appears in the app UI, the Privacy Policy, and all consent records:
4. SMS Verification Is Required for All Users
SMS OTP is the mandatory identity verification method for all DocFindMe accounts. This requirement applies regardless of the user's chosen login entry method:
-
Phone login: User enters their phone number → sees consent disclosure → taps "Send Verification Code" → receives SMS OTP → enters code to complete login.
-
Google OAuth: After completing Google sign-in, the user is still prompted to verify their linked phone number via SMS OTP before the session is established.
-
Email login: After email entry, the user is still required to verify their phone number via SMS OTP to satisfy HIPAA-grade identity assurance requirements.
Why SMS is required: DocFindMe handles Protected Health Information (PHI) under HIPAA. SMS OTP provides the multi-factor identity assurance required to ensure that only authorized individuals can access sensitive patient health data.
5. Opt-Out and Help Instructions
Opting Out
Reply STOP to any DocFindMe SMS message to opt out of receiving further SMS codes. After opting out, users must contact support@docfindme.com to re-enable SMS for their account.
Getting Help
Reply HELP to any DocFindMe SMS message for assistance, or contact us at support@docfindme.com.
6. Message Program Details
| Program name | DocFindMe account verification |
| Message types | One-time passcode (OTP) for identity verification only — no marketing, promotional, or informational messages |
| Message frequency | Varies — one message per login attempt or code-resend request |
| Carrier rates | Msg & data rates may apply per your mobile carrier plan |
| Data sharing | Mobile phone numbers are never shared with third parties for their marketing purposes |
| Supported regions | United States |
| Consent method | Express written consent at point of login — disclosure shown above the "Send Verification Code" button |
7. Related Legal Documents
Questions about our SMS program?
Contact our compliance team at support@docfindme.com or our privacy officer at privacy@docfindme.com.
DocFindMe, Inc. · support@docfindme.com · legal@docfindme.com