Doxy.me

Doxy.me

Review date: 09/08/2021

Doxy.me is a popular HIPAA compliant telemedicine platform used by doctors and therapists. It only works through web browsers – like Firefox, Chrome, or Safari – rather than as an app you download to your smartphone or computer. This means keeping your browser updated is crucial to protecting your privacy while online with your doctor. The telemedicine app is free for patients. Health providers and clinics must pay for the service. Doxy.me saw huge growth in 2020 because of the pandemic -- going from 80,000 users to over 750,000 in around six months. We’ll give them plenty of props for a clever April Fools joke they pulled announcing the release of their telemedicine app for dogs, Dogsee.me. Cute, and a fundraiser for a local animal rescue. Winning!

What could happen if something goes wrong

When we reviewed Doxy.me in 2020, we found a number of worrying privacy and security concerns. In our conversations with the company, a lot of these seemed to come from the growing pains of adding so many users so quickly during the pandemic. We’re really happy to see Doxy.me appears to have cleaned up many of the concerns we had last year. They now require a strong password to login by healthcare providers, which they didn’t last year. Because patients don’t need to set up an account with Doxy.me to use the service (only healthcare providers do) they do not collect patient data, which is nice. There a still a couple of things users should be mindful of. Because Doxy.me runs only a web browser, it is crucial users keep their browsers up-to-date to ensure the best possible security. And a couple tips to help keep your telehealth session secure: Ask you healthcare professional if they've secured the session on their end, don't use public WiFi, be aware of any personally identifiable information in your background or on your screen, and turn of any nearby device that could record your conversation.

Privacy

Can it snoop on me?

Camera

Device: N/A

App: Yes

Microphone

Device: N/A

App: Yes

Tracks Location

Device: N/A

App: No

What is required to sign up?

Users do not have to sign up for an account

What data does it collect?

How can you control your data?

If a file is sent to the provider a photo is captured, this will be sent via end-to-end encryption and then destroyed after 15 minutes. If a clinician deletes their account, it is marked as such and removed from all systems within 30-days.

What is the company’s known track record for protecting users’ data?

Average

No track record of data leaks so far. When we reviewed Doxy.me in 2020, we found a number of worrying privacy and security concerns. Now, it seems like these have been cleaned up.

Can this product be used offline?

Not applicable

User friendly privacy information?

Yes

Privacy information is short and holistic. More Q&A format would be appreciated though.

Links to privacy information

Security

Does this product meet our Minimum Security Standards?

Yes

Encryption

Yes

End-to-end encryption of the calls.

Strong password

Yes

For a sign up, a strong password is required (an update since 2020).

Security updates

Yes

According to Doxy.me, web platform is continually updated to respond to the latest security vulnerabilities and trends.

Manages vulnerabilities

Yes

Has a bug bounty program.

Privacy policy

Yes

Artificial Intelligence

Does the product use AI?

No

Updates

Doxy.me Launches Dogsee.me, The First Telemedicine Solution For Dogs
PR Newswire
dogsee.me—a new telemedicine service where dogs can log in to a virtual clinic and meet with a team of dogtors.
Doxy.me Experiences 10X Growth in Provider Users and Reaches Over 100 Million Patient Telehealth Visits
Intrado
The telemedicine platform surpasses 10,000 clinic sign ups
Telehealth Securtiy and Privacy Tips for Patients
NIST
Demand for telehealth services skyrocketed in 2020 in response to social distancing recommendations from the COVID-19 pandemic, and is continuing its ascent into 2021 and beyond. While telehealth is convenient, it can also unexpectedly add cybersecurity risk and impact the privacy of patient information.
Beware Using Telemedicine for Voice and Speech Therapy
Boston Univeristy
Popular teleconferencing platforms—Zoom, Webex, Microsoft Teams, Doxy.me, and VSee—pose challenges for effectively evaluating treatment

Comments

Related products