Doxy.me

Sign in

Why you want a HIPAA-compliant platform

Laptop with a hipaa compliant logo on the screen

Over the last two months, telemedicine has been brought into sharp focus as a logical solution to the Coronavirus pandemic. Doctors can see patients, hospitals can ease fears, waiting rooms can be kept clear and in-person visits can be reserved for those who really need medical attention immediately.

Since telemedicine is quickly becoming the norm, why can’t you just use FaceTime or Skype to talk to your doctor? Many of us use those apps already, and there’s no learning curve involved.

The thing is, you don’t want to use those familiar apps for chats with your doctor. They aren’t secure, and this is one area of your life where you don’t want to worry about security. You know the phrase “HIPAA-compliant” and you know you want this feature in a healthcare situation. What does it mean?

There is no official government accreditation or auditing process that deems a company HIPAA compliant. (Having said that, there are plenty of ways to be fined/investigated for non-compliance.) Any company that touches any aspect of healthcare is required to “[i]mplement policies and procedures to prevent, detect, contain, and correct security violations” and then conduct an annual risk assessment to ensure compliance, which we do. FaceTime, Skype or Zoom don’t have to meet these standards.

If you’re interested, you can check out full guidance offered here.

We’ve all seen the recent converge about Zoombombing, and now a class-action lawsuit has been filed against Zoom as well. That won’t happen with Doxy.me; we are a peer-to-peer platform, and encrypted end-to-end so video traffic goes directly between patients and providers. No servers in between ever have access to unencrypted traffic. Patients check into a waiting room and the provider selects who to start a call with. So there is no zoombombing on Doxy.me, because the provider is in full control. This is important. Providers can even set a passcode to keep unwanted people out. Another aspect of peer-to-peer: there’s no software to download or apps to install, so there’s less chance of malware or attacks. The same holds true on the other end; patients don’t have to create accounts; they simply hop into their provider’s Doxy.me room.

If a doctor asks you to use something like Facebook Messenger for a telehealth visit (or for any reason) you would be entirely within your rights to ask for a more secure platform for the interaction. In fact, patients should ensure that their medical practitioners are using a platform that is stable and HIPAA compliant. Depending on the type of account chosen, a doctor can get an account up and running on Doxy.me in as fast as five minutes.

Every aspect of the Doxy.me experience is simply better for both providers and patients.