PricingSecurityBlogHelpContact Us
Log InSign Up
menu
Contact UsHelp
PricingSecurityPrivacyBlog
Sign Up

BloomText vs iMessage

Why Apple's encryption leadership does not make iMessage a HIPAA-compliant channel for healthcare communication.

Get started for free
By , CEO · Last updated May 21, 2026

Quick answer

iMessage offers industry-leading encryption, including post-quantum protections, but Apple explicitly prohibits the use of iCloud services to transmit protected health information and will not sign a BAA for messaging. Healthcare teams that text about patients through iMessage are operating outside HIPAA. BloomText is purpose-built for healthcare messaging and includes a signed BAA on every plan.

Feature comparison

BloomText vs iMessage

Feature comparison between BloomText and iMessage
FeatureBloomTextiMessage
Signed Business Associate AgreementApple's iCloud Terms of Service explicitly prohibit covered entities from using iCloud to create, receive, maintain, or transmit PHI.IncludedNot included
Lawful channel for transmitting PHIApple's iCloud Terms prohibit PHI, iMessage syncs with iCloud, and Apple does not offer a BAA for consumer messaging.IncludedNot included
Conversation audit trailiMessage provides no organizational audit trail or admin visibility into conversations.IncludedNot included
Admin user removal with data revocationiMessage has no organizational admin controls. Messages persist on individual devices.IncludedNot included
Works on Windows and AndroidiMessage is limited to Apple devices. BloomText supports Windows, Mac, iPhone, and Android.IncludedNot included
No patient app download requirediMessage requires an Apple device on both ends. BloomText patients reply via standard SMS.IncludedNot included

When to use BloomText

  • You need HIPAA-compliant messaging with a signed BAA, audit trail, and admin controls.
  • Staff currently text about patients through iMessage and you need a compliant alternative.
  • You need messaging that works across Windows, Mac, iPhone, and Android — not just Apple devices.

When to use iMessage

  • You are messaging friends, family, or colleagues about non-healthcare topics.
  • You do not handle protected health information in any messages.
  • Everyone in the conversation uses Apple devices and no PHI is involved.

Apple's encryption is excellent — but HIPAA requires more

iMessage uses end-to-end encryption with AES, RSA, and Apple's post-quantum PQ3 protocol. By consumer messaging standards, iMessage security is among the best available. But HIPAA compliance is not a measure of encryption strength. The HIPAA Security Rule requires a signed Business Associate Agreement, administrative safeguards, access controls, audit logging, and breach notification procedures. Apple provides none of these for iMessage.

Apple does not offer a BAA for iMessage

Apple's iCloud Terms of Service prohibit covered entities from using iCloud to create, receive, maintain, or transmit protected health information. Because iMessage syncs with iCloud and Apple does not offer a Business Associate Agreement for its consumer messaging services, there is no path to using iMessage in a HIPAA-compliant way. Apple has not published any healthcare compliance program or BAA for iMessage independent of iCloud.

The real problem: staff texting on personal phones

iMessage is the default messenger for iPhone users. When healthcare staff need to communicate quickly, they reach for what is already on their phone. The result is patient information flowing through a channel with no BAA and no compliance program. BloomText gives staff a messaging experience that feels just as immediate — with desktop and mobile apps, push notifications, and read receipts — while keeping every message inside a HIPAA-compliant platform with a signed BAA.

Frequently Asked Questions

Is iMessage HIPAA compliant?
No. Apple does not offer a Business Associate Agreement for iMessage, and Apple's iCloud Terms prohibit covered entities from using iCloud to handle PHI. Because iMessage syncs with iCloud, there is no compliant way to use iMessage for healthcare communication.
Does Apple's encryption make iMessage safe for healthcare?
iMessage encryption is strong, but encryption alone does not satisfy HIPAA. HIPAA requires a signed BAA, administrative safeguards, access controls, audit logging, and breach notification procedures — none of which iMessage provides.
Can I use iMessage if I only text other providers, not patients?
If the messages contain protected health information, the same HIPAA requirements apply regardless of whether the recipient is a patient or another provider. iMessage is not a lawful channel for PHI in either case.
What should healthcare staff use instead of iMessage?
Healthcare staff should use a messaging platform with a signed BAA, conversation auditing, admin controls, and cross-platform support. BloomText works on iPhone, Android, Windows, and Mac, and includes a signed BAA on every plan.

Comparison last verified May 21, 2026. Sources: BloomText pricing, Apple iCloud Terms of Service, HHS HIPAA Security Rule, HHS FAQ: encrypted ePHI and BAA requirements.

Try BloomText now

Get started for free

Trusted by today's leading healthcare professionals

  • Streamlined appointment schedulingWith BloomText Broadcast SMS Messaging, I literally took the job of 20 employees and I can do it by myself in three and a half hours.Chief Administrative Officer, Radiology
  • Best HIPAA app on the marketBloomText has brought our clinic into the modern age, and our patients love being able to communicate with us via text or through our website.Office Administrator, Family Medicine
  • Excellent for acute careBloomText is the nervous system for my business. It helps us differentiate ourselves in terms of our communication and our quality of care.Clinical Director, Acute Care

1 of 3

Streamlined appointment schedulingWith BloomText Broadcast SMS Messaging, I literally took the job of 20 employees and I can do it by myself in three and a half hours.Chief Administrative Officer, Radiology
Best HIPAA app on the marketBloomText has brought our clinic into the modern age, and our patients love being able to communicate with us via text or through our website.Office Administrator, Family Medicine
Excellent for acute careBloomText is the nervous system for my business. It helps us differentiate ourselves in terms of our communication and our quality of care.Clinical Director, Acute Care

Try HIPAA-compliant texting free

Signed BAA included. No credit card necessary.
Sign UpSee plans & pricing →

Get our app

Get for iPhoneiPhoneGet for AndroidAndroid
Download for MacDownload for Windows

BloomText

OverviewPricingCost CalculatorBlog

Solutions

ABA TherapyAddiction TreatmentDentalHome HealthMental Health

Compare

vs Microsoft Teamsvs OhMDvs TigerConnectvs Spruce
Show moreShow lessvs Klaravs Rhinogramvs Slackvs pMDvs Doximity Dialervs Hucu.aivs QliqSOFTvs Celo Healthvs Google Workspacevs WhatsAppvs iMessagevs Zoomvs Signal

More

SecurityPrivacy

Support

HelpProduct GuidesContact Us
© 2026 BloomAPI Inc.