HIPAA-Compliant Patient Survey Platform

Save time, improve communication, and capture more survey data

SecureMedAssist automates the email, SMS, and multilingual AI phone outreach behind patient survey collection — for hospital research programs, clinics, and grant-funded studies — in a fully HIPAA-compliant environment.

Request Access
HIPAA-Eligible Infrastructure · PHI Encrypted End-to-End · U.S. Data Residency · BAA Before Any PHI
Built for Hospital Research Clinics & Health Systems Grant-Funded Studies Patient-Reported Outcomes

Why It Matters

Better Outcomes for Your Study — and Your Budget

Accelerate Your Study

SecureMedAssist manages every outreach attempt automatically — running email, SMS, and AI calls in sequence — so responses arrive sooner and your study reaches its target faster than manual, one-by-one follow-up.

Complete Capture

Multi-channel persistence reaches participants who would otherwise go unheard — email, then SMS, then a voice call — lifting response rates toward your target. It does the work of several research assistants, so you capture a complete dataset and stay within budget.

Less Biased Data

Voice and text outreach bring in participants who are typically underrepresented in web-only surveys — older adults and patients more comfortable speaking than clicking. And every channel runs in the patient's own language (20+ supported), so your dataset reflects the full cohort, not just the easiest to reach.

Who It Serves

One Platform, Built for Both Sides of the Approval

SecureMedAssist is evaluated by the research team that will run it and the security team that must approve it. It is built to satisfy both. Health systems running patient outreach programs use the same platform.

For Research Teams

Reclaim the hours your team spends dialing patients

  • Build survey instruments in minutes — no coding, no external survey tool
  • Automated email → SMS → AI phone call sequence runs itself
  • Reach older, less-digital participants by voice, not just a link — in 20+ languages, with AI-drafted translations your team reviews and approves
  • Every answer lands in one dashboard — export the results CSV (fully compatible with REDCap), codebook, and delivery report
For IT & Security Reviewers

Documentation-ready for institutional review

  • HIPAA-eligible infrastructure under BAA
  • PHI encrypted at rest and in transit (TLS 1.2/1.3); keyless service-to-service auth via managed identity — no stored connection strings
  • Named sub-processors — every PHI vendor under a BAA
  • U.S.-only data residency, org-scoped access isolation, audit logging

The Challenge

Collecting Patient Survey Responses at Scale Requires More Than a Survey Link

Grant-funded studies routinely require collecting survey data from hundreds or thousands of patients. Today, that process depends on research staff manually tracking outreach across email, text, and phone — making repeated attempts, logging responses, and scheduling follow-up calls. For a single study covering 800 patients, reaching a 70% response rate through manual outreach requires an estimated 1,500–2,000 individual contact actions before a single survey response is analyzed.

The challenge is compounded by the nature of the patient population. Older adults and patients with limited digital literacy are significantly less likely to complete a web-based survey. Phone calls remain the most effective channel for reaching them — yet placing individual calls to hundreds of patients is not a sustainable research operation, even with dedicated research staff.

Existing survey platforms were built to collect responses from patients who already found the link. They provide no integrated mechanism for reaching those who didn't — and no path for participants who are more comfortable speaking than clicking.

The Platform

How SecureMedAssist Works

Five steps from protocol to dataset — your team controls the study; the platform does the outreach.

01

Create a Study

Set up your study workspace: the internal study name, your IRB details, and a neutral patient-facing sender name. Every study's data is fully segregated from every other study.

Sandbox first — test before any patient data
02

Build the Survey

Create your instrument with standard question types — multiple choice, Likert scale, yes/no, numeric, open text — plus skip logic. Then send the email, the text, and the AI phone call to yourself to experience exactly what participants will receive.

No coding required
03

Upload Participants

Upload contact records — all at once, or as enrollment continues over months. New participants enter outreach the next business day. All contact data is treated as PHI from the moment it enters the system.

Rolling enrollment supported
04

Outreach Runs Itself

Each participant gets an email invitation, then a reminder email plus a text, then an optional AI phone call if they still haven't responded — each in the participant's own language. Every answer — typed or spoken — lands in the same dataset.

No link. No app. No friction.
05

Export the Dataset

Download the analysis-ready results CSV, an auto-generated codebook, and a per-participant delivery report — formatted for your statistician, not for our dashboard.

CSV + codebook + delivery report

The Outreach Flow

Each participant advances only until they respond — then their answers flow straight to the research dataset.

Completed Patient Dataset 0 / 800
Patient Channel Status

The Voice Channel

AI Phone Follow-Up for Nonresponders, Supervised by Your Team

The AI assistant calls only participants who haven't responded to email and text. It administers your exact survey — nothing more — under behavioral constraints your governance committee can review.

  • Consent first. Identifies itself as an AI and asks permission before any question
  • On-script only. Your survey, word for word — never medical advice
  • Safety built in. Distress triggers 911/988 guidance and a flag for your team
  • Respectful by design. Calls only within the strictest legal calling hours, two attempts max, never a voicemail
  • Speaks the patient's language. Conducts the call in 20+ languages and switches the moment the patient does

The complete AI Agent Behavioral Specification — what the agent will and won't do, how emergencies are handled, how a single "stop" instantly ends outreach on every channel, what reaches your dataset (structured answers, call outcomes, and the spoken phrase for choice/scale answers — never audio recordings or full transcripts), and the hard platform-enforced call-length and silence limits — is part of our compliance documentation package, written for IRB and AI governance review.

See It for Yourself

Evaluate the Platform the Way Your Participants Will Experience It

Try the patient experience

Open a live sample survey on your phone and complete it exactly as a participant would — in English or Spanish, about 90 seconds, no signup.

We'll send you a live sample survey link with your access request — or walk through it together on an intro call.

Hear the AI phone call

Listen to the assistant introduce itself, ask for consent, and administer two questions from a sample survey.

Once you have sandbox access, the AI will call your own phone with your own survey — the most honest demo there is.

Estimate your study

Study Pricing

Fixed Price per Study. Unlimited Responses.

Every study is priced as a single, fixed fee — based on cohort size, number of surveys, and collection window. A high response rate never costs you more. There are no per-response charges and no overage fees.

Every study includes: email + SMS + AI phone follow-up · surveys in 20+ languages · researcher dashboard · results CSV (REDCap compatible), codebook, and delivery report · launch review · signed BAA.

We'll walk through pricing on your intro call and provide a formal quote you can include in a grant budget.

Request Access

Security & Compliance

Built for the Standards Healthcare Institutions Require

SecureMedAssist was designed from the ground up for HIPAA compliance — not retrofitted for it. A signed BAA is required before any PHI enters the platform.

HIPAA-Eligible Infrastructure

Hosted on HIPAA-eligible cloud infrastructure under a signed Business Associate Agreement. All PHI workloads run exclusively on HIPAA-eligible services.

PHI Encryption, Keyless Design

All Protected Health Information is encrypted at rest and in transit (TLS 1.2/1.3). Services authenticate to each other with managed identities — no stored connection strings or shared keys to leak.

Named Sub-Processors — All With BAAs

Every vendor that handles PHI operates under a signed BAA. No PHI flows to any system without a BAA in place.

U.S. Data Residency, Minimal Retention

All patient data is stored exclusively in United States data centers. We store no audio recordings or full call transcripts — only structured answers, call outcomes, and (for spoken choice/scale answers) the short phrase the patient said, kept alongside the recorded value for verification. Patient contact information is permanently deleted as soon as their outreach is complete, and remaining study data is deleted when you close the study (or automatically after a year of inactivity).

Invite-Only, Org-Isolated Access

Accounts are created by invitation only with MFA-capable enterprise identity. Each organization's studies, participants, and results are fully isolated; every study passes a launch review before live outreach.

AI Transparency

The voice agent runs under a BAA, with prompt-locked behavioral constraints. We never train AI models on patient data. Answers post immediately to our covered platform; nothing lingers in the voice layer.

IRB note: we provide workflow documentation and consent-language templates; final IRB approval, consent wording, and patient-contact authorization remain the responsibility of the study team and institution.

For Institutional Review

Hospital Not Onboarded Yet? Your Compliance Package Is Ready

Institutional approval is usually the longest part of starting a study — so we prepared the paperwork in advance. The full package is ready to hand to each reviewer who needs it: a pre-filled HECVAT for IT security, a BAA template ready for legal redlining, a one-page data flow diagram for your CISO, and an IRB-submission-ready AI governance summary — plus the sub-processor list, retention policy, and breach procedure. Sign in to download it from your dashboard, or request it and we'll send it the same day.

Sign In to Download →

No account yet? Request the package through the access form — or ask for something specific, like the full AI Behavioral Specification or your institution's own questionnaire format.

Get Started

Request Access

Access is reviewed for every team — that's part of how the platform stays compliant. Here's the path from this form to your first completed dataset:

  1. Talk to us Submit the form (or book an intro call). We review every request and reply within one business day.
  2. Explore everything in a free sandbox Build your study and survey, then experience it yourself: receive the patient email and text, and have the AI call your own phone — before any patient data enters the system.
  3. Launch your live study Pass the launch review (IRB and consent attestations), upload your cohort — outreach starts the next business day.

Prefer to talk first?
Book a 30-minute intro call and we'll walk through your study together.

Schedule an intro call →
Please enter your full name.
Please enter a valid email address.
Please enter your institution.
Please enter your role.

Do not include patient information in this form.