Doxy.me
Doxy.me | Free for individual patient use, $35 per month and up for providers

Doxy.me

Überprüft am: 23.04.2020

Doxy.me is a popular telemedicine platform use by doctors and therapists that bills itself as "simple, free, and secure." This program works through your web browser – like Firefox, Chrome, or Safari – rather than as an app you download to your smartphone or computer. This means keeping your browser updated is crucial to protecting your privacy while online with your doctor. The telemedicine app is free for patients. Health providers and clinics must pay for the service. One thing we found in our research that raised an eyebrow is the fact that providers are able to use the very weak password of '123' for their accounts. Weak passwords are never good, especially on sensitive video calls with your therapist.

Mindestsicherheitsstandards

Fünf wesentliche Schritte, die jedes Unternehmen umsetzen sollte, um die Privatsphäre der Verbraucher zu schützen. Weitere Informationen

Gesamtsicherheitsbewertung
4,5/5 Stern
Verschlüsselung
Ja
All calls on Doxy.me use end-to-end encryption.
Sicherheits-Updates
Nicht verfügbar
Doxy.me is accessed only through web browsers like Firefox, Chrome, and Safari. This puts the onus of security on the web browser. That means keeping your web browser updated so its security is always up-to-date is extremely important when using Doxy.me.
Sicheres Passwort
Ja
Doxy.me recently updated their password requirement so that new users are required to sign up with a strong password. Only health providers are required to login to accounts using a password. Patients are not required to make accounts. Existing users were able to sign up with a weak password such as "123".
Umgang mit Schwachstellen
Ja
UPDATE 6/29.2020: Doxy.me has now added a bug bounty program
Datenschutzrichtlinie
Ja
https://doxy.me/privacy-policy

Warum muss ich mich registrieren?

Medical practitioners are required to sign in to Doxy.me using an email or with third-party Facebook or Google accounts. Patients and clients are not required to sign in at all and are unable to create an account.

Wie geht es mit Privatsphäre um?

Wie werden Daten ausgetauscht?
Doxy,me is very clear that they do not store patient data. While Doxy.me does collect user (users in this case are providers, not patients) data like email address, full name, phone number, address, company name, location, and academic background, it does not appear to explicitly share data this data with third parties. Although it does give California Consumers the option of opting out of the sale of their data, which implies that Doxy.me retains that right generally. It does note that it retains the right to advertise on its site and that clicks on the icon or banner posted on Doxy.me are tracked.
Wie werden meine Aufzeichnungen behandelt?
Doxy.me does not allow video recording. For paid accounts, practitioners can use photo capture, which they must save to their computer hard drive.
Benachrichtigen, wenn Anrufe aufgezeichnet werden?
Nicht verfügbar
Doxy.me does not allow video recording. Third party apps do exist that allow for recording potentially without notifying other users, however.
Gibt die Plattform an, dass sie sich an die US-amerikanischen Gesetze zum Schutz der Privatsphäre hält?
Ja
Doxy.me can be HIPAA compliant. Please check with your healthcare provider to make sure the version of Doxy.me they use meets all the requirements.
Verweist auf Datenschutzinformationen

Kann ich es kontrollieren?

Einstellungsmöglichkeiten für Gastgeber
Host can put patients on hold, send patients back to a waiting room, mute audio and video, use the "photo capture" tool, screenshare, and do group calls.
Ist es einfach, die Funktionen zu erlernen und zu verwenden?
Ja
Clients or patients don't have any controls other than "pin to main screen," "mute myself," "turn off camera" and "hide my preview." Practitioner controls are easy to find and explained at https://help.doxy.me
😮

Was könnte passieren, wenn etwas schief geht?

We’re afraid a number of things could go wrong. Doxy.me doesn't require a strong password when health care professionals set up an account. And two-factor authentication is not an option, so accounts could easily be hacked. That means a bad person could pretend to be your doctor. Also, there is no requirement to prove you are the actual patient who is supposed to join the call, meaning doctors or therapists who don't have a previously established relationship with a patient might not know if the person who joins their virtual appointment is really who they say they are. Similarly, because the meeting starts when the provider admits the client from the waiting room (after typing their name) anyone who guesses potential patient names could be admitted, but it would only be one person at a time and the provider could end the call. This is all a bit frightening for a video call app targeted at doctors, therapists, and their potentially vulnerable patients.

Aktualisierungen

Medical Privacy Gets Complicated as Doctors Turn to Video Chats
Consumer Reports
Health comes first, privacy experts say, but when you have a choice, it's best to use a service that complies with HIPAA

Produkte vergleichen