Doxy.me
Doxy.me | Free for individual patient use, $35 per month and up for providers

Doxy.me

Fecha de la reseña 23/04/2020

Doxy.me is a popular telemedicine platform use by doctors and therapists that bills itself as "simple, free, and secure." This program works through your web browser – like Firefox, Chrome, or Safari – rather than as an app you download to your smartphone or computer. This means keeping your browser updated is crucial to protecting your privacy while online with your doctor. The telemedicine app is free for patients. Health providers and clinics must pay for the service. One thing we found in our research that raised an eyebrow is the fact that providers are able to use the very weak password of '123' for their accounts. Weak passwords are never good, especially on sensitive video calls with your therapist.

Estándares mínimos de seguridad

Cinco pasos básicos que todas las empresas deberían tomar para proteger la privacidad de los clientes. Más información.

Calificación general de seguridad
4,5/5 estrella
Cifrado
Sí
All calls on Doxy.me use end-to-end encryption.
Actualizaciones de seguridad
N/A
Doxy.me is accessed only through web browsers like Firefox, Chrome, and Safari. This puts the onus of security on the web browser. That means keeping your web browser updated so its security is always up-to-date is extremely important when using Doxy.me.
Contraseña fuerte
Sí
Doxy.me recently updated their password requirement so that new users are required to sign up with a strong password. Only health providers are required to login to accounts using a password. Patients are not required to make accounts. Existing users were able to sign up with a weak password such as "123".
Gestiona las vulnerabilidades
Sí
UPDATE 6/29.2020: Doxy.me has now added a bug bounty program
Política de privacidad
Sí
https://doxy.me/privacy-policy

¿Qué se requiere para registrarse?

Medical practitioners are required to sign in to Doxy.me using an email or with third-party Facebook or Google accounts. Patients and clients are not required to sign in at all and are unable to create an account.

¿Cómo gestiona la privacidad?

¿Cómo comparte datos?
Doxy,me is very clear that they do not store patient data. While Doxy.me does collect user (users in this case are providers, not patients) data like email address, full name, phone number, address, company name, location, and academic background, it does not appear to explicitly share data this data with third parties. Although it does give California Consumers the option of opting out of the sale of their data, which implies that Doxy.me retains that right generally. It does note that it retains the right to advertise on its site and that clicks on the icon or banner posted on Doxy.me are tracked.
¿Cómo se gestionan tus grabaciones?
Doxy.me does not allow video recording. For paid accounts, practitioners can use photo capture, which they must save to their computer hard drive.
¿Te avisa cuando las llamadas están siendo grabadas?
N/A
Doxy.me does not allow video recording. Third party apps do exist that allow for recording potentially without notifying other users, however.
¿La plataforma dice que cumple con las leyes de privacidad médica de los Estados Unidos?
Doxy.me can be HIPAA compliant. Please check with your healthcare provider to make sure the version of Doxy.me they use meets all the requirements.
Enlaces a información de privacidad

¿Puedo controlarlo?

Controles de host
Host can put patients on hold, send patients back to a waiting room, mute audio and video, use the "photo capture" tool, screenshare, and do group calls.
¿Es fácil aprender y usar las funciones?
Clients or patients don't have any controls other than "pin to main screen," "mute myself," "turn off camera" and "hide my preview." Practitioner controls are easy to find and explained at https://help.doxy.me
😮

Qué podría pasar si algo falla

We’re afraid a number of things could go wrong. Doxy.me doesn't require a strong password when health care professionals set up an account. And two-factor authentication is not an option, so accounts could easily be hacked. That means a bad person could pretend to be your doctor. Also, there is no requirement to prove you are the actual patient who is supposed to join the call, meaning doctors or therapists who don't have a previously established relationship with a patient might not know if the person who joins their virtual appointment is really who they say they are. Similarly, because the meeting starts when the provider admits the client from the waiting room (after typing their name) anyone who guesses potential patient names could be admitted, but it would only be one person at a time and the provider could end the call. This is all a bit frightening for a video call app targeted at doctors, therapists, and their potentially vulnerable patients.

Actualizaciones

Medical Privacy Gets Complicated as Doctors Turn to Video Chats
Consumer Reports
Health comes first, privacy experts say, but when you have a choice, it's best to use a service that complies with HIPAA

Comparar productos