About Doximity
Doximity was established in 2011 with a mission to offer an online networking service for medical professionals. The platform offers its members curated medical news, case collaboration and messaging capabilities.
Doximity Support
You can get answers to many common support questions by visiting the Doximity Documentation Page or the Doximity Support Request Page where you can submit an online request.
Phone support is available by calling (650) 549-4330 during normal weekday business hours (Monday – Friday, 9:00-5:00 Pacific Time). But please try the above options first.
Doximity Secure Video Calling
In 2020, in response to COVID-19, healthcare providers began looking for alternatives to in-person patient consultations.
Doximity responded to that need with a solution that would allow physicians and patients to have simple secure two-way video communications.
Doximity Patient Experience
What makes Doximity an exceptional video communication solution is its simplicity of use. There is no app for the patient to install. There is no account that needs to be setup. The patient can simply click on a link from their physician and in a few steps begin a video session. This reduces call time and almost entirely eliminates the need for tech support.
Below are screenshots showing a Doximity test session from the patient perspective. Any identifiable information about the doctor or patient has been replaced with generic information.
STEP 1 – Text Message
The patient receives a text message from their doctor. Note that the doctor’s phone number does not show. Instead, the text message sending ID shows.
STEP 2 – Consent
The patient is presented with a consent message to accept.
STEP 3 – Activation Link
Instead of abruptly being sent into a video session, the patient is given a confirmation link to initiate the session.
STEP 4 – Allow Device Access
The patient will need to permit the Doximity system to access their microphone and camera for the video session to work properly. This step is required by the smartphone’s built-in security and privacy settings.
STEP 5 – Join Video Call
The patient is prompted to join the video call. The patient should click on the Join Video Call message to start the video call.
STEP 6 – Wait for Doctor
There will be a brief moment of waiting while the doctor joins the video call.
STEP 7 – Video Call In Progress
When the video call is in progress, the patient will see the doctor’s video mostly filling their screen with a small inset image of the patient’s own video camera image.
STEP 8 – Finish Video Call
By pressing the familiar red ‘end call’ button icon in the bottom of the screen (shown above), the patient can end the video call. They will then see the following screen confirming the call has ended. The patient should close this browser window.
STEP 9 – Player Controls on Lock Screen
The patient may be confused by seeing a player control window on their smartphone’s lock screen. This is a function of how the iPhone handles multimedia software. It does not mean the session is still active. The iPhone will sometimes display player controls for the last app to be running when the iPhone was turned off. To disable the controls, go back to your iPhone home screen and close out of the browser used for the session as instructed in Step 8.
Industry Context – Security and Privacy
To understand the significance of the Doximity video solution, it’s important to briefly review the context and present events of the video conferencing tech industry.
By early 2020, a popular video communications company called Zoom promised Video Conferencing for Telehealth with HIPAA compliance.
Despite security concerns raised in July 2019 by Apple and others, Zoom was used in early 2020 by some medical professionals, educators, and others in response to the need for social distancing.
Use of the Zoom service increased dramatically. In December 2019, there were about 10 million Zoom users per day, but by March 2020, that number increased to 200 million users per day.
Then, in late March 2020, multiple Zoom privacy vulnerabilities resulted in the United States Senate, the FBI, Google, and others alerted the public to growing security concerns about Zoom.
Zoom took some steps to improve security, but for many it was too little too late. A backlash had already begun.
- 2 April 2020. The New York Times reported: “A Feature on Zoom Secretly Displayed Data From People’s LinkedIn Profiles.” This article revealed that Zoom had been unnecessarily invasive, sloppy, and lacking in transparency about privacy.
- 3 April 2020. A Forbes article explained: “Why Most Should Avoid An ‘Out Of Control’ Zoom Right Now.”
- 8 April 2020. It was reported by Business Insider: “Google has banned the Zoom app from all employee computers over ‘security vulnerabilities‘” Other companies began removing Zoom from their computers.
It was clear that a more secure service was needed for healthcare providers.
Doximity is Secure by Design
Doximity and Zoom were both founded in 2011. Both companies have had about 9 years of experience to develop their video solutions.
In light of the recent Zoom fiasco, why would we think Doximity could have different privacy and security outcomes? Their solutions use similar technologies – video cameras, smart phones, the Internet, etc. Presumably similar types of industry professionals helped develop their solutions.
Here are some reasons why the design of Doximity makes it more secure.
- Account. The patient does not have a user account that can be hacked.
- Computer. The patient is not using a computer that could be compromised by viruses.
- Content. While healthcare discussions are considered highly private, personal, and protected, the content of a random and brief doctor-patient interaction is of little value to a hacker. It does not contain credit card information, account logins, corporate confidential information, or other such details.
- Individual. The Doximity video sessions are designed to be one-to-one interactions. There are not large groups of people in a given session. There’s no expectation or technical mechanism to facilitate additional visitors on a video call.
- Link. The link to the communication session is sent via text message directly to the patient’s phone, not through email which could be read by others.
- Software. The patient does not have software installed that can be compromised.
- Users. The use of Doximity is limited to a specific and small group of people which make it less likely to be of value to hackers.
- Website. The patient does not interact with a website that can be spoofed.
So, in summary, although Doximity seems to be doing something similar in function to Zoom, it is entirely different in how it is designed. This makes it more secure.
NOTE: The only potential security vulnerability for Doximity would be if a phone were to have a screen recorder running, but this is a vulnerability for any software on any device. At present, screen recording capabilities are only activated by the user of the device with their knowledge.
Further Reading
The following resources were used for the above document. They are available for those wanting to learn more.
- COVID-19 Strategic Response Portal [Website]
- Doximity [Website, Wikipedia]
- Zoom [Telehealth PDF, HIPAA PDF, Website]
Page Visitors
The maps below show anonymized locations for recent visitors to this page as of 19 Apr 2020 at 3:38 PM CT.