Like HIPAA, GDPR is an important privacy and security policy for those living in or providing care to patients in the European Union. Doxy.me is GDPR compliant on our paid plans.
Doxy.me allows you to comply with GDPR because:
- You can enable custom terms of service - GDPR requires specific opt-in for anyone that needs to comply with GDPR. You will need to enable custom terms of service for your patients during check-in. This requires you to be a Professional or Clinic user.
- Patient data is not stored - Doxy.me does not store personally identified information about your patients; therefore, there are no additional requirements for data storage protections.
- We'll sign a Data Protection Addendum - GDPR requires we sign an EU Data Protection Addendum with you. To get the addendum signed, email firstname.lastname@example.org.
- We have EU-U.S. and Swiss-U.S. Privacy Shield certification - We are certified under the Privacy Shield (pending status) frameworks to satisfy data export requirements.
- You can request to delete or update data - A user has the right to email email@example.com to correct, access, or delete information.
For any other GDPR questions about Doxy.me, contact our support team.