Doxy.me is a telehealth platform offering both free and paid versions of their software. The problem with many free software platforms is that they are not HIPAA compliant, and therefore cannot be used to provide telehealth services. Is the free version of doxy.me HIPAA compliant?
Doxy.me and HIPAA Compliance
As business associates, software providers are required to ensure the confidentiality, integrity, and availability of electronic protected health information (ePHI) shared through their platform. As such, an important factor to consider when determining whether or not doxy.me is HIPAA compliant is what security features they offer their users. Doxy.me addresses security by enabling encryption, access controls, and audit logs, all of which are HIPAA-compliant security measures.
Another factor to consider is whether or not doxy.me will sign a business associate agreement (BAA) with their users. Often, software providers will only sign a BAA with their paid clients. When software providers do not sign a BAA with their free users, the free version of their software cannot be considered HIPAA compliant. This is because, without a BAA, the privacy and security of ePHI filtered through the software can be easily compromised. Software providers that will sign a BAA agree to be HIPAA compliant and are responsible for implementing safeguards to keep ePHI private and secure. Video conferencing tools such as Zoom, GoToMeeting, and Webex only sign BAAs for users with their paid versions, so they should not be used for telehealth.
Is Doxy.me HIPAA Compliant?
Yes, both the free and paid versions of Doxy.me are HIPAA compliant, provided users have a signed BAA and use the platform properly. Doxy.me is a telehealth platform that will sign BAAs with users on their free version, so it is a free telehealth platform that is HIPAA compliant.
HIPAA Resources
Need assistance with HIPAA compliance? Compliancy Group can help! They help you achieve HIPAA compliance with Compliance Coaches® guiding you through the entire process. Find out more about the HIPAA Seal of Compliance® and Compliancy Group. Get HIPAA compliant today!
Essential Telehealth Law & Ethical Issues
Bring your telehealth practice into legal compliance. Get up to date on inter-jurisdictional practice, privacy, HIPAA, referrals, risk management, duty to warn, the duty to report, termination, and much more!
Accepting Telehealth Jobs: 5 Big Legal & Ethical Mistakes to Avoid
Do you have questions about being employed or looking for employment from a digital health company? Online employment can pose dilemmas that leave clinicians at a loss for how to proceed. This program will answer your questions about how or reasonably uphold your legal and ethical mandates.
HIPAA Compliant Cybersecurity for Professionals
Must-know information about how to protect your telehealth practice from a ransomware attack. Operate w/ EYES WIDE OPEN.