Telehealth app Doxy.me is fixing a patient health data leak
Nathan E Botts
/ Categories: Privacy, Security

Telehealth app Doxy.me is fixing a patient health data leak

A report from Cyberscoop

Overview

Cyberscoop reports that after examining the Doxy.me platform, privacy researcher Zach Edwards discovered that the company appeared to be sharing IP addresses and unique device identification numbers with Google, Facebook, and the marketing software company HubSpot.

Why is this important to me?

Cyberscoop notes that users of Doxy.me may be inadvertently grouped with other patients by Google and Facebook's advertising platforms, possibly providing data to the firms' algorithms that might infer sensitive information about a patient's health. Advertisers could then target patients with adverts that were personalized to their specific ailments.

Among the third parties named in Doxy's privacy policy are Google Analytics, Facebook Ads, Google Ads, and HubSpot. According to the corporation, "use data" includes Internet Protocol address, browser type, browser version, and a mobile device's unique ID number.

The problem is that, when joined with other data, those bits may create a formidable data collection that allows some of the world's biggest advertising platforms to track individuals online.

What should I do about it?

It is noted in the CyberScoop article that, "In its privacy policy, Doxy acknowledges that it shares “usage data” with several third parties including Google Analytics, Facebook Ads, Google Ads and HubSpot. Per the company’s definition, “usage data” can include but is not limited to Internet Protocol address, browser type, browser version, and a mobile device’s unique ID number."

So while there was usage data exposed, it was not necessarily "leaked".  If you are uncomfortable about that reach out to Doxy.me and confirm the status of the identity leak and have them confirm that your data is safe and has not been exposed beyond the definition of "usage data". Letting them know that you are a concerned patient/user is a good thing! 

You can reach out to Doxy here: https://doxy.me/en/contact/

Previous Article Cyber Vitals: Information for Patients' Medical Device Health
Next Article How to Maximize Your Personal Health Data Defense
Print
826 Rate this article:
No rating
0Upvote 0Downvote
Tags: TelehealthData LeakDoxy.me

More links

Please login or register to post comments.
How to Protect Your Privacy as More Apps Harvest Your Data How to Protect Your Privacy as More Apps Harvest Your Data

How to Protect Your Privacy as More Apps Harvest Your Data

A New York Times Personal Tech series article by Brian X. Chen

Retrieved By Health eConsultation 0 14826 Article rating: 5.0

In this article written by Brian X. Chen from the New York Times he discusses some of the potential ways in which mobile apps that you download to your phone may be collecting and using your personal data in ways you did not know.

One of the key takeaways is that there are ways in which to protect yourself and tools that can help you figure out which apps are collecting your data and how to remove their ability to do so.

Read more
Stay Private: How to Hide Your Webcam, Mute Your Mic, and Turn Off Notifications Stay Private: How to Hide Your Webcam, Mute Your Mic, and Turn Off Notifications

Stay Private: How to Hide Your Webcam, Mute Your Mic, and Turn Off Notifications

An article from Zapier

Nathan E Botts 0 14834 Article rating: 5.0

One consideration as you gather and store more personal health information on your computer and devices is making sure that you are not inadvertently sharing this information (or some other aspect of your personal health) through your webcam or mic.

This article from Zapier outlines several different ways and some handy applications that can help you control this on your PC or MAC.

Read more
Determining the Value of Compromising Your Privacy Determining the Value of Compromising Your Privacy

Determining the Value of Compromising Your Privacy

An article from Engadget

Nathan E Botts 0 9932 Article rating: No rating

This article from the Engadget web magazine discusses how your online searching behaviors might be monitored by different companies that you are unaware about. This data is likely used to build profiles that may impact the advertisements you see, credit ratings received, and other potential social network aspects as of yet identified. 

Read more
Cybersecurity: Crash Course Computer Science #31 Cybersecurity: Crash Course Computer Science #31

Cybersecurity: Crash Course Computer Science #31

Retrieved By Health eConsultation 0 14448 Article rating: No rating

Cybersecurity: Crash Course Computer Science #31Cybersecurity is a set of techniques to protect the secrecy, integrity, and availability of computer systems and data against threats. In today’s episode, we’re going to unpack these three goals and talk through some strategies we use like passwords, biometrics, and access privileges to keep our information as secure, but also as accessible as possible. From massive Denial of Service, or DDos attacks, to malware and brute force password cracking there are a lot of ways for hackers to gain access to your data, so we’ll also discuss some strategies like creating strong passwords, and using 2-factor authentication, to keep your information safe. Check out Computerphile’s wonderful video on how to choose a password! https://www.youtube.com/watch?v=3NjQ9b3pgIg Pre-order our limited edition Crash Course: Computer Science Floppy Disk Coasters here! https://store.dftba.com/products/computer-science-coasters Produced in collaboration with PBS Digital Studios: http://youtube.com/pbsdigitalstudios Want to know more about Carrie Anne? https://about.me/carrieannephilbin The Latest from PBS Digital Studios: https://www.youtube.com/playlist?list=PL1mtdjDVOoOqJzeaJAV15Tq0tZ1vKj7ZV Want to find Crash Course elsewhere on the internet? Facebook - https://www.facebook.com/YouTubeCrash... Twitter - http://www.twitter.com/TheCrashCourse Tumblr - http://thecrashcourse.tumblr.com Support Crash Course on Patreon: http://patreon.com/crashcourse CC Kids: http://www.youtube.com/crashcoursekids

Read more
RSS

What is Health eDefense?

Health eDefense is the act of protecting your personal health information. This not only protects your privacy, security, and safety, but also protects the data of your family, friends, and others in your community.

The Health eDefense platform is dedicated to providing consumers with actionable information on how to protect their personal health information effectively from cyber threats. Health eDefense provides informational content and education related to cyber security, privacy and consent, security, and related topics and policies such as HIPAA and GDPR.

Cyber security is impacting our daily lives, and our personal and protected health information is a target for hackers and criminals looking to make money off of our personal data. Your personal health data will always be about your health, demographics, social, lifestyle, financial history, and other related details. Once taken, they cannot be taken back.

We think the best cybersecurity tool is education and awareness, and we hope to provide users with tools and insight to protect themselves and their data better.