HotDoc recognise that your personal information is confidential and needs protection. HotDoc have a dedicated team of privacy and security experts whose job is to keep your trust with Privacy of your data and the security of our platform.
This page includes an introduction about how we protect your privacy and secure information that we hold, including links to more information. For some products, like payments, there are links to that information too.
In this article
Privacy at HotDoc
HotDoc takes steps to get your consent before we collect any of your data, either when you interact with us directly or by requiring practices to get your consent. We then commit to:
- Any data in our platform is hosted within Australia in a strictly managed environment
- We will never exploit or use your data for any reason other than to provide you with the services we explained when we collected your data
- You can opt-out of using our platform and ask to access or delete your data at any time
- Your information can only be accessed after authentication
Connections to our platform (websites and API) are encrypted to provide a secure connection with your device and to protect your information using TLS 1.2
- We will implement security protections to protect your data
Communications from HotDoc
HotDoc will only contact you if we have consent, and we'll work with Clinics to make emails and messages from HotDoc easy to identify.
You can read more about SMSs from HotDoc here: Why did I receive an SMS from HotDoc?
Scams and Phishing
There are lots of people phishing or scamming people via SMS, phone and email these days. Malicious actors can get your phone number or email address from lots of different places, and often impersonate large companies or doctor’s clinics.
To make sure you’re talking to your practice or to HotDoc:
Make sure we tell you a few things that only we would know, perhaps:
- Your Name
- The Practice or Doctor’s name
- The appointment details or
- Information that would be secret and shared with us or the practice
If we tell you less than 3 things, you may not be able to trust the message, but you might be able to trust the link or sender of the message:
- All HotDoc links will take you to hotdoc.com, hotdoc.com.au or hotdoc.io but check that the spelling is perfect
- Our emails will always come from hotdoc.com, hotdoc.com.au or hotdoc.io but check that the spelling is perfect. We have protections to help your email provider detect if an email claims to be from us but is not from us (SPF/DKIM). Look at your emails and any warnings carefully! (hints from Gmail, from Microsoft)
- We're working to get more and more of our messages sent via the HotDoc app so you can trust it. If you can, we recommend installing it to put your mind at ease using the instructions here How do I download the HotDoc app?
We know identifying scams and phishing requires vigilance, so we hope this help.
Security of our Platform
The HotDoc Platform has security built-in, and to provide, it we have been externally audited in our security practices. This includes
- We encrypt sensitive data, both in transit and at rest within our platform
- We review the security controls of the vendors and suppliers that we engage who might have access to sensitive data
- We regularly audit our systems for access, our code and our infrastructure for vulnerabilities, including paying security researchers to test our platform cannot be compromised
- We log access to your data and our systems, and monitor our services for signs of anomalous activity and audit access that could indicate a security issues
- We run our platform in Amazon Web Services, who ensure that the infratructure that hosts our platform is secure and we train our staff in the importance of security
To prove that we do all these things, we've asked an external auditor to check us against a stringent security standard. HotDoc was accredited for SOC 2 Type I in 2021, which verified our application of the Trust Service Principles - you can trust that we have implemented great security because of this external audit.
You can read more about the commitments we make for security at https://practices.hotdoc.com.au/security
Security of our Payments Feature
HotDoc Payments are facilitated using secure Payment Providers and industry-standard payment processes, that means HotDoc nor your practice will be able to see your card information.
For our payments security information, please view the links below: