Review Date 04/23/2020
What is required to sign up?
Medical practitioners are required to sign in to Doxy.me using an email or with third-party Facebook or Google accounts. Patients and clients are not required to sign in at all and are unable to create an account.
How does it handle privacy?
Can I control it?
What could happen if something went wrong
We’re afraid a number of things could go wrong. Doxy.me doesn't require a strong password when health care professionals set up an account. And two-factor authentication is not an option, so accounts could easily be hacked. That means a bad person could pretend to be your doctor. Also, there is no requirement to prove you are the actual patient who is supposed to join the call, meaning doctors or therapists who don't have a previously established relationship with a patient might not know if the person who joins their virtual appointment is really who they say they are. Similarly, because the meeting starts when the provider admits the client from the waiting room (after typing their name) anyone who guesses potential patient names could be admitted, but it would only be one person at a time and the provider could end the call. This is all a bit frightening for a video call app targeted at doctors, therapists, and their potentially vulnerable patients.