Privacy & Security

Dot Health's Privacy Policy

Dot Health Support avatar
Written by Dot Health Support
Updated over a week ago

The privacy and security of your personal information is our first priority. We use bank-level security that ensures your personal health information is safe with us at all times. 


Dot Health employs privacy and security measures to guard against identity theft and provide security for your Personal Information. These include, but are not limited to:

  • Encrypting data during transfer and storage.

  • Maintaining access logs to ensure access is restricted to only relevant parties.

Our infrastructure is hosted on a Google Cloud platform, located in Google's Montreal data centre, which has obtained ISO 27001 certification and completes annual  SSAE16 / ISAE 3402 Type II audits.


We encrypt all data, including Personal Health Information collected used AES 256-bit encryption, and comply with all applicable provincial and federal privacy laws, including: 

  • Personal Information Protection and Electronic Documents Act (PIPEDA) across Ontario, Manitoba,New Brunswick, Newfoundland and Labrador, Northwest Territories, Nova Scotia, Nunavut, PrinceEdward Island, Saskatchewan, and Yukon.

  • Personal Information Protection Act (PIPA) in Alberta and British Columbia.

  • Act Respecting the Protection of Personal Information in the Private Sector (ARPPIPS) in Quebec

All employees who access Dot Health systems or may come in contact with customer data are bound by strict confidentiality agreements.

We regularly re-evaluate our privacy and security policies and adapt them as necessary, but we ask that you take the appropriate measures to protect your health information by keeping your account password private.

To learn more, please visit our Privacy Policy.

Did this answer your question?