The privacy and security of your personal information is our first priority. We use bank-level security that ensures your personal health information is safe with us at all times.
Dot Health employs privacy and security measures to guard against identity theft and provide security for your Personal Information. These include, but are not limited to:
Encrypting data during transfer and storage.
Maintaining access logs to ensure access is restricted to only relevant parties.
Our infrastructure is hosted on a Google Cloud platform, located in Google's Montreal data centre, which has obtained ISO 27001 certification and completes annual SSAE16 / ISAE 3402 Type II audits.
We encrypt all data, including Personal Health Information collected used AES 256-bit encryption, and comply with all applicable provincial and federal privacy laws, including:
Personal Information Protection and Electronic Documents Act (PIPEDA) across Ontario, Manitoba,New Brunswick, Newfoundland and Labrador, Northwest Territories, Nova Scotia, Nunavut, PrinceEdward Island, Saskatchewan, and Yukon.
Personal Information Protection Act (PIPA) in Alberta and British Columbia.
Act Respecting the Protection of Personal Information in the Private Sector (ARPPIPS) in Quebec
All employees who access Dot Health systems or may come in contact with customer data are bound by strict confidentiality agreements.
We regularly re-evaluate our privacy and security policies and adapt them as necessary, but we ask that you take the appropriate measures to protect your health information by keeping your account password private.