1. HotDoc Help
  2. Security and Privacy
  3. Privacy and Security

Privacy and Security at HotDoc

Last updated

HotDoc recognise that your personal information is confidential and needs protection. HotDoc have a dedicated team of privacy and security experts whose job is to keep your trust with Privacy of your data and the security of our platform.

This page includes an introduction about how we protect your privacy and secure information that we hold, including links to more information. For some products, like payments, there are links to that information too.

 

    In this article

 

Privacy at HotDoc 

ⓘ IMPORTANT

HotDoc has a strict privacy policy that commits us to protections that are as strong as those your would expect from your practitioner. 

HotDoc takes steps to get your consent before we collect any of your data, either when you interact with us directly or by requiring practices to get your consent. We then commit to:

  • Any data in our platform is hosted within Australia in a strictly managed environment
  • We will never exploit or use your data for any reason other than to provide you with the services we explained when we collected your data
  • You can opt-out of using our platform and ask to access or delete your data at any time
  • Your information can only be accessed after authentication

  • Connections to our platform (websites and API) are encrypted to provide a secure connection with your device and to protect your information using TLS 1.2

  • We will implement security protections to protect your data

If you want to find out more about our commitment to your privacy, you can read through our privacy policy

 

Communications from HotDoc

HotDoc will only contact you if we have consent, and we'll work with Clinics to make emails and messages from HotDoc easy to identify.

You can read more about SMSs from HotDoc here: Why did I receive an SMS from HotDoc?

If you want to opt out, you can contact us using the details in our privacy policy. As required by the SPAM Act, you can opt out of Marketing Communications using a link inside the SMS or email.

 

Scams and Phishing

There are lots of people phishing or scamming people via SMS, phone and email these days. Malicious actors can get your phone number or email address from lots of different places, and often impersonate large companies or doctor’s clinics.

To make sure you’re talking to your practice or to HotDoc:

  • Make sure we tell you a few things that only we would know, perhaps:
    • Your Name
    • The Practice or Doctor’s name
    • The appointment details or 
    • Information that would be secret and shared with us or the practice

If we tell you less than 3 things, you may not be able to trust the message, but you might be able to trust the link or sender of the message: 

  • All HotDoc links will take you to hotdoc.com, hotdoc.com.au or hotdoc.io but check that the spelling is perfect
  • Our emails will always come from hotdoc.com, hotdoc.com.au or hotdoc.io but check that the spelling is perfect. We have protections to help your email provider detect if an email claims to be from us but is not from us (SPF/DKIM). Look at your emails and any warnings carefully! (hints from Gmail, from Microsoft)
  • We're working to get more and more of our messages sent via the HotDoc app so you can trust it. If you can, we recommend installing it to put your mind at ease using the instructions here How do I download the HotDoc app?

We know identifying scams and phishing requires vigilance, so we hope this help.

 

Security of our Platform

The HotDoc Platform has security built-in, and to provide, it we have been externally audited in our security practices. This includes

  • We encrypt sensitive data, both in transit and at rest within our platform
  • We review the security controls of the vendors and suppliers that we engage who might have access to sensitive data
  • We regularly audit our systems for access, our code and our infrastructure for vulnerabilities, including paying security researchers to test our platform cannot be compromised
  • We log access to your data and our systems, and monitor our services for signs of anomalous activity and audit access that could indicate a security issues 
  • We run our platform in Amazon Web Services, who ensure that the infratructure that hosts our platform is secure and we train our staff in the importance of security 

To prove that we do all these things, we've asked an external auditor to check us against a stringent security standard. HotDoc was accredited for SOC 2 Type I in 2021, which verified our application of the Trust Service Principles - you can trust that we have implemented great security because of this external audit.

You can read more about the commitments we make for security at https://practices.hotdoc.com.au/security 

 

Security of our Payments Feature

HotDoc Payments are facilitated using secure Payment Providers and industry-standard payment processes, that means HotDoc nor your practice will be able to see your card information.

For our payments security information, please view the links below:

Related articles