For ProvidersFor Clinics
Pricing
Sign in

Security you cantrust

We understand just how important cyber security is in healthcare. That’s why we’ve done things differently.
Illustration of man with his arms crossed and a woman next to him
Cyber security can be complex. We keep it simple: we don't
store PHI. That means no loopholes, vulnerabilities, or risks that could expose patient data—because there’s nothing to be exposed.
/ 01
We know industry standards
HIPAA is constantly changing. That’s why we stay up-to-date on HIPAA and its security and privacy requirements for you. In fact, as part of our community, we help you understand and navigate these changes.
Illustration of a nurse and doctor beneath GDPR, HIPAA and AICPA SOC 2 logos
/ 02
Patient visits are incognito
Patients don’t create accounts, logins, or any other trackable information. The only way patients can be identified is through the call by you, their provider. Since the call doesn’t store PHI, patients remain anonymous.
Illustration of a person on a video call holding a sign with a question mark, with text reading “No need for an account, log in, or software download.”
/ 03
A BAA is arranged for you
Having a business associate agreement (BAA) with your telehealth platform is a HIPAA requirement. Because we keep track of the details in telehealth security, we provide a BAA, ready for you to sign.
Illustration of a hand signing a document labeled “BAA.”
/ 04
Cyber security is routine for us
Keeping our systems and software secure is a continuous process. That’s why we have processes in place that prevent intruders. And since we’re immediately alerted when there are issues, we can act quickly.
Illustration of two people looking at warning icons related to internet and cloud connections.
Illustration of a nurse and doctor beneath GDPR, HIPAA and AICPA SOC 2 logos
What to expect from our security
Icon of a person inside a frame with an exclamation mark, suggesting an alert or attention related to user identification.
24/7 monitoring
With 24/7 monitoring, we can respond immediately to any security breach or suspicious activity.
Icon of two speech bubbles containing asterisks, representing hidden or encrypted messages.
True end-to-end encryption
All chat messages and video calls sent through doxy.me remain private.
Icon of a padlock and key
Single sign-on
For added security, you can enable single sign-on to protect access to your account.
Icon of a star with a security badge
Dedicated security team
We have an information security team that is focused on staying ahead of cybersecurity threats.
Icon of a shield with a check mark inside a circular frame, representing protection or verified security.
Vulnerability scans
We proactively look for vulnerabilities, which reduces the risk of attacks.
Leading security standards—worldwide
HIPAA
HIPAA
We meet US standards for protecting patient health information.
Learn more
AICPA SOC (System and Organization Controls)
SOC 2 (Type 2)
This industry standard report was issued by an independent auditor.
Learn more
AICPA SOC (System and Organization Controls)
SOC 3
See this third-party security assessment.
View report
Icon of a padlock containing the outline of California
CPRA
We meet the requirements of the California Privacy Rights Act.
Learn more
GDPR
GDPR
We meet the EU’s standards for protecting European citizens’ data.
Learn more
Resources
Illustration of a help center search page with a search bar labeled “How can we help?” and a list of results below.
Compliance and regulations
See answers to the most common questions about our compliance.
Person sitting on a couch, smiling while using a tablet.
Privacy policy
Read the specifics on how we keep patient data private.