Maintaining a secure platform involves several factors, processes, and responsibilities. 

Our responsibility to maintain security

Doxy.me complies with the security and privacy requirements of the healthcare industry. Here are the following ways we maintain security:

  • Patient health information (PHI) is not stored, as a result this data cannot be stolen from Doxy.me servers
  • Point-to-point NIST-approved AES 128 bit encryption is used for all video & audio communication
  • Full volume encryption and 256-bit AES encrypted keys used on data stored at rest¬†
  • HIPAA and HITECH compliant servers
  • OSSEC intrusion detection, file integrity monitoring, log monitoring, root check, and process monitoring¬†
  • Signed Business Associates Agreement provided
  • Annual HIPAA risk assessments conducted
  • Auditing, logging, backup and disaster recovery policies and procedures in place

Your responsibility to maintain security

To comply with HIPAA you also have some responsibilities while using Doxy.me:

  • Sign the Business Associates Agreement
  • Do not share your login email and password
  • Keep your browser, operating system and software up to date
  • Install and utilize antivirus and firewall programs

For any other privacy and security questions, contact our support team.

Did this answer your question?