Doxy.me

Sign in

Security you canlockIcontrust

We understand just how important cyber security is in healthcare. That’s why we’ve done things differently.
Cyber security can be complex. We keep it simple: we don't
  • arrowarrow
  • store PHI. That means no loopholes, vulnerabilities, or risks that could expose patient data—because there’s nothing to be exposed.
    / 01
    We know industry standards
    HIPAA is constantly changing. That’s why we stay up-to-date on HIPAA and its security and privacy requirements for you. In fact, as part of our community, we help you understand and navigate these changes.
    main-image
    / 02
    Patient visits are incognito
    Patients don’t create accounts, logins, or any other trackable information. The only way patients can be identified is through the call by you, their provider. Since the call doesn’t store PHI, patients remain anonymous.
    main-image
    / 03
    A BAA is arranged for you
    Having a business associate agreement (BAA) with your telehealth platform is a HIPAA requirement. Because we keep track of the details in telehealth security, we provide a BAA, ready for you to sign.
    main-image
    / 04
    Cyber security is routine for us
    Keeping our systems and software secure is a continuous process. That’s why we have processes in place that prevent intruders. And since we’re immediately alerted when there are issues, we can act quickly.
    main-image
    main-image
    What to expect from our security
    24/7 monitoring
    With 24/7 monitoring, we can respond immediately to any security breach or suspicious activity.
    True end-to-end encryption
    All chat messages and video calls sent through doxy.me remain private.
    Single sign-on
    For added security, you can enable single sign-on to protect access to your account.
    Dedicated security team
    We have an information security team that is focused on staying ahead of cybersecurity threats.
    Vulnerability scans
    We proactively look for vulnerabilities, which reduces the risk of attacks.
    Leading security standards—worldwide
    HIPAA
    We meet US standards for protecting patient health information.
    SOC 2 (Type 2)
    This industry standard report was issued by an independent auditor.
    SOC 3
    See this third-party security assessment.
    CPRA
    We meet the requirements of the California Privacy Rights Act.
    GDPR
    We meet the EU’s standards for protecting European citizens’ data.