For clinics, practices & billing teams
The patient's document never leaves your device.
Fill intake and consent forms, sign, and redact patient records without the file ever being uploaded. AttachKit runs entirely in your browser — so protected health information is never copied to a server you don't control. And unlike a promise in a privacy policy, you can prove it.
Where we're honest first
A tool you'd use on a patient record should be straight with you before it sells you anything. So, plainly: AttachKit is not a “HIPAA-compliant service” and does not sign Business Associate Agreements for your files.That's not a gap — it's the point. Because the file is never uploaded, there is no protected health information for us to receive, store, or breach, and therefore nothing for us to be a Business Associate of. HIPAA compliance is a property of your practice and your workflow; you remain the covered entity. We just make sure the document itself never becomes a copy on someone else's server.
Why "in your browser" matters for PHI
Most online PDF tools upload your file to their servers to process it. For a clinic flyer that's fine. For a patient intake form, a referral letter, a superbill, or a records request, it means a copy of protected health information now lives on infrastructure you don't control — subject to that vendor's retention, their breaches, and the BAA you would need in place with them.
AttachKit doesn't upload the file at all. The PDF is parsed, filled, signed, and redacted inside the browser tab you have open. The server never receives it — and most of the time isn't contacted at all. There is simply no third-party copy of the record to secure or worry about.
Don't take our word for it — check the network tab
This is the part you can verify in thirty seconds, before you trust us with anything:
- Open any tool (try Redact).
- Open your browser's developer tools and switch to the Network tab.
- Drop in a PDF and run the tool.
- Watch the request list. Your file is never sent. The full technical account of what does and doesn't touch our server is on the security page.
The tools a practice actually reaches for
Redact PHI so it stays redacted
Draw redactions yourself, or let optional AI suggest likely PII — it sends only the extracted text (never the file), and Local AI mode keeps even that on your device. Then export with forensic scrub so a name, MRN, date of birth, or SSN under each mark is removed from the file — not hidden behind a black box that can be lifted out. Re-open and search the export to confirm before you disclose it. See Redact.
Fill intake, consent & insurance forms
Fill patient intake, consent, HIPAA-authorization, and insurance forms in your browser, with verified field maps for common government forms or optional AI suggestions from the form's field names and your saved profile details (never the file). Browse the form library.
Sign & get a verifiable proof
Sign or counter-sign referrals, orders, and authorizations in the browser. Every signed PDF carries a content-bound proof: change a single byte afterward and verification fails. Anyone can confirm a signature at attachkit.com/verify, and the check runs offline too.
New: tell the record what to do
The Private PDF Agent (in beta) lets you describe a change in plain English — “redact every SSN”, “keep only the consent page”, “remove the blank pages” — and review a clear plan before anything is applied. The PHI posture is unchanged: the file never leaves your browser; only the extracted text is sent to the AI so it can locate pages, never the document itself. Nothing changes until you approve the plan, and your original is never modified.
Where we're honest about the limits
- Not a “HIPAA-compliant” vendor, and no BAA for your files. Because we never receive the file, there is no PHI for us to be a Business Associate of. Your practice remains the covered entity, responsible for its own compliance.
- Not medical, legal, or compliance advice. AttachKit is software for working with PDFs. You remain responsible for how you collect, handle, and disclose patient information.
- Optional AI sends extracted text, never the file. Auto-fill and PII suggestions are opt-in and clearly labeled; skip them, or use Local AI mode, to keep everything on your device.
Frequently asked
- Do patient documents get uploaded to a server?
- No. AttachKit fills, signs, and redacts the PDF inside your browser tab — the file is never sent to our server, so no copy of the patient's document (or the PHI in it) ever reaches us. You can prove it: open your browser's developer tools, switch to the Network tab, and run any tool — you'll see no upload of the file. The only exceptions are the OPTIONAL AI features (form auto-fill, which sends the form's field names and your saved profile details, and Redact's “suggest likely PII”, which sends extracted text) — never the file — and you can switch on Local AI mode to keep even that on your own device, or skip AI entirely.
- Is AttachKit HIPAA compliant? Will you sign a BAA?
- We are honest about this: AttachKit is software you run in your own browser, not a cloud service that receives your files, so there is no protected health information for us to store or process on our servers — and therefore nothing for us to be a Business Associate of with respect to your documents. We do not market ourselves as “HIPAA certified” (no such certification exists) and we do not sign BAAs for the file, because we never receive the file. HIPAA compliance is a property of YOUR practice and your workflow, not of a PDF editor; you remain the covered entity and are responsible for how you handle patient records. If you use the optional cloud AI features, extracted text — never the file — is sent to our AI provider; use Local AI mode or skip those features to keep everything on your device.
- Why does “runs in the browser” matter for PHI?
- Most online PDF tools upload your file to their servers to process it. For a patient intake form, a referral letter, a superbill, or a records request, that means a copy of protected health information now lives on infrastructure you don't control — subject to that vendor's retention, their breaches, and the BAA you'd need to have in place with them. AttachKit doesn't upload the file at all, so that whole class of exposure doesn't exist: there is no third-party copy of the record to secure, retain, or breach.
- Can I redact PHI so it's actually gone?
- Yes. Draw redactions yourself, or ask the optional AI to suggest likely PII (it sends only the extracted text, never the file). Then export with forensic scrub so the text and images under each mark are removed from the saved file — not just hidden behind a black box that can be copied out or deleted. Always re-open and search the exported PDF to confirm a name, MRN, or SSN is gone before you send it. A redacted page becomes an image, so run Make Searchable afterward if you need a searchable layer back.
- Can I fill and sign intake, consent, and insurance forms?
- Yes — fill patient intake, consent, HIPAA-authorization, and insurance forms in your browser, with verified field maps for common government forms or optional AI suggestions from the form's field names and your saved profile (never the file). Sign or counter-sign in the browser too; every signed PDF carries a content-bound proof anyone can verify at attachkit.com/verify, and the check runs offline.
- Can the AI agent edit a patient record without uploading it?
- Yes. The Private PDF Agent (in beta) edits the PDF inside your browser — the file is never uploaded. When you give it an instruction, only the extracted page text is sent to the AI so it can locate things like “the consent page” or “the blank pages”; the document itself never leaves your device. The agent only ever proposes a plan you review and approve — it never changes the record on its own, and your original is untouched.
- Is AttachKit medical or legal advice?
- No. AttachKit is software for working with PDFs. Nothing here is medical, legal, or compliance advice, and using the tool does not make us a party to your patient relationships. You remain responsible for how you collect, handle, and disclose patient information.
Try it on a record that matters
No account needed to start. Open the network tab first if you want the receipts.