Doxy.me servers do not store any patient information or other data that might be considered PHI.
Doxy.me relies on redundant AWS-supported servers located in the United States to support the service. AWS servers are SOC 2 certified, abide by FIPS 140-2 standards, and are maintained in compliance with HIPAA regulations.
However, our servers are meant to provide general services and do not provide the audio/video connection.
Doxy.me servers are used to establish a connection between the provider and the patient. After that, the video calls are peer-to-peer—meaning the audio/video data flows directly between the two individuals on the call, not through doxy.me servers.
Group calls use routing servers to maintain connection quality. Still, the routed data between the parties are always encrypted.
The key point is that all transmitted data are encrypted point-to-point using standards-based technologies. See details in our Security and Privacy Overview
The Doxy.me platform does not store or collect protected health information (PHI) or any patient details (including name). No patient data are stored on any of our servers.
If you have any questions, please contact our support team.