Signature Documents

Upload the PDF that the form lives on (an existing release form, a treatment consent, a volunteer waiver) and place annotations on it visually. Signature, initials, and date annotations apply the signer's recorded inputs at the moment they sign. Text Input fields collect arbitrary information — required or optional. Checkbox annotations capture yes/no responses. Printed Name and Read-Only Text annotations put context onto the document without asking the signer for input. The annotation set covers everything a paper form actually does, with the layout the original was designed around preserved.

Document templates only become available to staff for sending once they're marked Active and assigned to specific facilities. The double gate is intentional: drafts in progress aren't accidentally sent, and a template built for one facility's intake process isn't accidentally available across the whole organization. Assign a template to one facility, several, or all — the choice is per-template.

Most e-signature tools assume one audience. SecureCare sends to three: a customer's intake forms, a volunteer's waiver and background-check authorizations, a staff member's employment agreement and policy acknowledgments — all from the same template-and-request infrastructure, all routing the signed copy back to the recipient's record-specific document repository. The platform doesn't ask staff to learn three different tools for three different audiences.

A complete intake might require five forms; an onboarding might require three. SecureCare sends them as one request, with a single shared link, executed in the natural reading order. The constraint: documents in the same request must share the same signatory count. A two-signatory consent form and a one-signatory waiver can't ride the same request, but two two-signatory forms can. The constraint is honest about what works mechanically.

Documents support one, two, or three signatories. When multiple signatories are required, the platform executes them sequentially — the second signatory only receives their link after the first has signed; the third only after the second. The order is preserved on the signed copy, with each signatory's inputs cryptographically tied to their position in the sequence. A consent form requiring patient and guardian signatures stays in order; the order is the audit.

For sensitive documents, staff can require the recipient to validate identity before opening the document — date of birth, phone number, both, or neither. The validation runs in the same proven flow that gates external secure messaging on the platform. IP rate limiting prevents brute-force attempts. Failed validations write to the same authentication audit log that messaging uses. One validation pattern, one mental model, two surfaces.

Request links are valid for 48 hours from sending. After completion, the signed copy is accessible to the signatory for 7 days. If a recipient misses the window, staff send a fresh 48-hour link with one click — no need to recreate the request, no broken state in the system. Staff can also cancel a request at any point in its lifecycle, voiding any unused links and removing the request from active circulation.

When all signatories have signed, the completed PDF is generated, locked from any further modification, and filed automatically in the recipient's record-specific document repository. Customer documents on the customer record, volunteer documents on the volunteer record, staff documents on the staff record. Each follows the same encryption-at-rest, retention, and access-control rules Document Storage applies elsewhere. There's no manual filing step; the platform completes the loop.

When the staff member sends a request, they can opt to be notified when all signatories have completed it. The notification arrives through SecureCare's platform notification system — the same channel that surfaces overdue reminders, new messages, and new documents. Don't need a notification? Don't subscribe to one. The default is silent — staff who want the alert ask for it; staff who don't, don't get nagged.

Every action on a signature request is logged: when it was created, by whom, sent to whom, opened by whom, signed by whom, completed when, downloaded by whom, cancelled by whom, refreshed how many times. The signed copy itself includes the timestamps and identity-verification records. A compliance review of a particular signed document can answer not just did this person sign? but did this person sign with verified identity, on a specific date, after how many attempts?

Signature Documents isn't a side-system. Templates assigned to Programs dispatch automatically from Appointments for that program. Signature requests can be sent directly from a customer, volunteer, or staff record. Completed signed documents appear in the relevant record's Documents tab and count against the same storage allocation as any other document. The same audit trail. The same encryption. The same access controls. Signature is a capability the rest of the platform calls into.