Baton Pass
ResourcesSecurity

What Happens to Your Child's Allergy Information After You Text It to a Babysitter?

March 5, 2026

Most parents text allergy information, emergency contacts, and care instructions to their babysitter. It is the path of least resistance — she already has your number, you already have a text thread, and it takes 30 seconds.

The convenience is real. But so are the problems. This article is not about scaring parents away from texting. It is about the specific things that happen to information after you send it — and what to think about if you are sending sensitive health information about your child.

What happens to a text after you send it

When you text your child's allergy information to a babysitter, you have made several decisions that you cannot undo:

You cannot recall it

A text message lives in her message history indefinitely. If she switches phones, it may be backed up to iCloud or Google. If she leaves your employ under bad circumstances — or if her phone is lost or stolen — the information is still out there. You have no mechanism to revoke it.

It may reach people you did not intend

Her phone is on a shared iCloud account with her partner. A screenshot of your text ends up in a group chat. Her phone is unlocked on the counter and a roommate sees it. None of these scenarios require bad intent on your babysitter's part — they are the ordinary ways information spreads once it leaves your control.

There is no expiration

The allergy information you texted two years ago — when the diagnosis was different, the dose was different, the emergency contacts were different — is still in that text thread. If she watches your kids again and references the old text, she has outdated information.

You do not know if she read it

A delivered and read text receipt tells you she opened the message. It does not tell you she read the allergy information carefully, understood the severity, or knows where the EpiPen is.

The specific problem with photos of handwritten sheets

Many parents photograph their hand-written information sheet and text it. This is better organized than a text thread — but creates a different problem. A photo of a handwritten document containing your child's name, date of birth, health conditions, and your home address sits in her camera roll indefinitely. It may be backed up to cloud photo storage. It may be shared. It cannot be recalled.

Documents containing children's health information are genuinely sensitive. The combination of a child's name, date of birth, medical conditions, and home address is more information than most people realize they are sharing.

What about Google Docs or shared notes?

Sharing a Google Doc has real advantages over texting: it is structured, it updates when you edit it, and you can theoretically revoke access. But there are real problems in practice:

  • Sharing settings are confusing. Many people share Google Docs as "anyone with the link can view" — meaning the link, if forwarded, gives access to anyone. The "specific people only" setting requires her to have a Google account and sign in.
  • Access revocation is not reliable. You can remove someone from a Google Doc, but if she downloaded or printed it, that copy is gone.
  • No mobile-optimized layout. Google Docs render as small text on phones. In a stressful moment, she is pinching and scrolling to find the allergy information.
  • No audit trail. You cannot see who opened it or when.

What a more secure approach looks like

The security properties worth looking for when sharing children's health information:

  • Time-limited access — the link expires after a set time. After the babysitting shift, the information is no longer accessible through that link.
  • Revocable — you can end access at any time, not just at expiration. If you change your mind, or if the caregiver relationship ends, you cut access immediately.
  • Encrypted at rest — the underlying health data is encrypted in storage, not just in transit.
  • Audit trail — you can see when the link was opened, from what IP address, and how many times.
  • No account required for the caregiver — requiring her to create an account introduces a login credential that can be compromised, lost, or shared.
  • No persistent copy made by default — the link does not create a downloadable file that lives in her downloads folder.

The practical tradeoff

For a single casual babysitter shift, the security implications of texting are low. The information is not deeply sensitive, she will not keep the phone number for long, and the risk of harm is minimal.

The calculus changes when:

  • Your child has a life-threatening condition or allergy
  • The information includes detailed medical history, medications, or specific diagnoses
  • You are sharing with multiple caregivers over time
  • You want to be able to update the information and ensure the caregiver always has the current version
  • You want confirmation that the caregiver actually accessed the information before the shift

The question worth asking yourself

Where will your child's allergy information be in 18 months? In a text thread on your ex-babysitter's phone. In a photo in someone's cloud backup. On a Google Doc with link-sharing settings you cannot remember.

Or it will be in a revocable, time-limited link that stopped working at 11pm the night of the shift — and the only copy is in your account, encrypted.

Baton Pass generates share links that expire automatically and can be revoked instantly. The underlying health data is encrypted with AES-256. Every view is logged. The link does not persist in a text thread — it becomes inaccessible when you want it to.

Ready to build your child's pass?

Free to start. No app required for your caregiver.

Create your child's pass — free