Skip to main content

Feature · Consent forms

Digital consent forms for medspas.

Delam's consent module is medspa software that captures patient consent at booking, stores encrypted signed records with timestamps and IP metadata, supports patient-initiated revocation, and maintains an audit log compliant with PHIPA, PIPEDA, HIPAA, and CPSO/CNO rules. Paper goes away. Legacy medspa platforms bolt consent on as add-ons; Delam's membership-first medspa OS ships consent as a first-class primitive linked to every appointment, with 30+ treatment-specific templates in English and French.

Build my appSee templates

Why digital consent

Paper is a liability.

Paper consent fades, gets lost, and can't prove the patient actually read the disclosures. CPSO and CNO expect clinics to demonstrate informed consent with timestamps, disclosure acknowledgments, and a clear revocation path (CPSO Policy 3-15, 2024).

Digital consent is faster (average 2 minutes vs. 9 minutes for paper — Delam customer panel, Q1 2026), legally equivalent under PIPEDA Part 2, and creates the forensic record that defends the clinic in a complaint. Delam enforces it at the moment of truth: the appointment won't start without a valid signature.

  • 30+

    Bilingual templates

    CPSO & CNO, 2024 guidance

  • <60s

    Revoke-to-invalidate

    Delam SLA on signed URLs

  • 7 yrs

    Immutable retention

    PHIPA O. Reg. 329/04

Treatment-specific templates

30+ forms, reviewed by Canadian regulatory counsel.

Every template ships in English (en-CA) and French (fr-CA), with provider-level clauses and a version log. Brand with your logo, add your medical director sign-off, and launch the same day.

  • Neuromodulators

    Botox, Dysport, Xeomin, Jeuveau, dosage units, injection sites, post-care, and contraindication clauses.

  • Dermal fillers

    Hyaluronic acid, Sculptra, Radiesse, Bellafill, with vascular occlusion disclosure and hyaluronidase reversal plan.

  • Laser & energy

    IPL, CO2, Fraxel, Morpheus8, BBL, Clear + Brilliant, skin type classification and photoprotection clauses.

  • Body contouring

    CoolSculpting, Emsculpt, Sofwave, Ultherapy. PAH disclosure and realistic-expectation acknowledgments.

  • IV therapy & infusions

    NAD+, Myers' cocktail, glutathione, B12, screening disclosures, dose logs, and adverse-reaction protocols.

  • GLP-1 weight loss

    Semaglutide, tirzepatide, screening, titration schedule, contraindications, and informed refusal options.

  • Skin & medical

    Peels, microneedling, PRP, IV therapy, GLP-1 weight loss, informed-refusal options included.

  • Photo & marketing

    Scoped consent: internal chart only, clinic marketing, public social. Name publication toggle.

Before/after photos

Before/after photo consent, CPSO-ready.

The PhotoConsent record captures scope (internal / marketing / public social), name-publication preference, revocation mechanism, timestamp, IP, and device. Uploads are blocked by the requirePhotoConsent middleware unless a valid non-revoked consent exists.

A photo that was consented for the internal chart cannot silently drift onto the clinic's Instagram. Delam scopes the asset at the moment of capture, and every downstream surface (marketing queue, website embeds, review requests) checks the scope before displaying.

When a patient revokes, the asset is hidden from marketing, signed URLs invalidate within 60 seconds, and downstream automations lose access immediately. The audit log retains the event for the full seven-year retention window, you can prove both that the photo was consented and that the revocation was honoured.

PhotoConsent scope

Internal chart only
Default
Clinic marketing
Opt-in
Public social media
Opt-in · named
Revocation channel
App · email

Revocation + audit log

Who, what, when, why, for seven years.

Every consent event (view, sign, revoke, edit) is written with auditPHIAccess() into an immutable ledger retained seven years (PHIPA O. Reg. 329/04, § 6). Fields captured: staff ID, patient ID, action, IP, user agent, jurisdiction, purpose, consent version.

Exports as CSV or JSON for a complaint response, Information and Privacy Commissioner audit, or internal QA review.

  1. 01

    Patient taps revoke

    From the branded app or a signed email link, no phone call, no form to fill.

  2. 02

    revokedAt is stamped

    Delam writes the revocation timestamp, IP, and device to the consent record.

  3. 03

    Audit log appends

    An immutable ledger entry captures staff ID, patient ID, action, jurisdiction, and version.

  4. 04

    Assets hide

    Marketing pulls the photo, website embeds expire, and signed URLs invalidate within 60 seconds.

  5. 05

    Automations halt

    Drip campaigns, AI suggestions, and review requests lose access to the revoked asset immediately.

  6. 06

    Admin is notified

    Clinic admin receives a notification within 5 minutes with a direct link to the revoked record.

Compliance by the numbers

Engineered for the strictest rule, always.

100%

PIPEDA + Law 25 aligned

Explicit consent, purpose limitation, and audit logs on every event.

Source: Delam compliance review, Q1 2026

0 hard-deletes

Soft deletes only

deletedAt preserved for the full retention window.

Source: PHIPA O. Reg. 329/04, § 6

3 days

Template pick to go live

Pick, enable, train, consent blocks the appointment by default.

Source: Delam deployment playbook

Customer testimonial

Consent used to be a clipboard at the door. Now it's signed before the patient even parks, linked to the appointment, and one tap to revoke, our CPSO file has never looked cleaner.
Dr. Maya R. · Medical Director · Toronto, ON

FAQs

Common questions about consent forms.

Does Delam replace my separate consent tool?
Yes. Delam's consent module is included in Starter and Growth plans, no separate e-signature add-on needed.
Is e-signature legally binding in Canada?
Yes, under PIPEDA Part 2 and the provincial equivalents (including Quebec's LCCJTI). Delam captures the sign event with timestamp, IP, device fingerprint, and user agent.
Can patients revoke consent after signing?
Yes. Revocation is one tap in the branded patient app. Delam propagates revocation within 60 seconds, assets are hidden from marketing and blocked from automations.
How long are consent records retained?
Seven years by default, matching CPSO Policy 4-12 minimums. Configurable for pediatric records (16 years in Ontario) and Quebec Law 25 deletion-on-request flows.
Do I need separate consent for before/after photos?
Yes. Photos require a dedicated PhotoConsent record with scope (internal vs. public) and name-publication preference. The requirePhotoConsent middleware blocks uploads when consent is missing.
Are the templates bilingual?
Yes. Every template ships in English (en-CA) and French (fr-CA) for Quebec Law 25 compliance. The patient's preferred language is selected per their profile, never guessed.
Can I customize templates per provider or treatment?
Yes. Each template supports provider-level clauses with a version log, so you can demonstrate the exact wording a patient signed at a specific date.

― Related

Get started

Your consent, signed & airtight.

Replace separate e-signature tools and paper in one afternoon.

Build my appSee the EMR
  • PHIPA · PIPEDA · Law 25
  • CPSO · CNO aligned
  • Bilingual en-CA / fr-CA