At My Private Doctor, safeguarding your personal health information is our top priority. We employ industry‑leading security practices, strict compliance standards, and continuous monitoring to ensure your data remains protected at every step.
We comply fully with the Health Insurance Portability and Accountability Act (HIPAA), ensuring that all electronic Protected Health Information (ePHI) is handled according to federal privacy and security rules.
We've executed BAAs with every third‑party vendor that might process or store your ePHI, holding them to the same rigorous standards we apply in‑house.
We comply fully with the Health Insurance Portability and Accountability Act (HIPAA), ensuring that all electronic Protected Health Information (ePHI) is handled according to federal privacy and security rules.
Your records, images, and reports are protected with industry-leading encryption standards.
Our production environment uses advanced security measures and network isolation.
Strict access controls ensure only authorized personnel can view your data.
All application code undergoes peer review and automated static analysis to catch security issues before they reach production.
We track and patch third‑party libraries continuously, using automated tools to detect and remediate vulnerabilities.
Our Security Operations Center (SOC) monitors logs and metrics 24/7/365, with real‑time alerts for suspicious behavior.
We collect only the minimum data necessary to provide expert medical opinions and lab analysis, and we never share your data for marketing or with unauthorized parties.
You have the right to access, correct, or request deletion of your personal data. Contact us at privacy@myprivatedoctor.site, and we'll respond within 30 days.
Your records are retained securely for the period required by law, then irreversibly destroyed using NIST‑approved methods.
Encrypted backups of all data are taken daily and stored in geographically separate, secure data centers.
We maintain a tested disaster recovery plan that guarantees full restoration of critical systems within four hours of a major outage.
Quarterly tabletop exercises and annual full‑failover drills ensure our team is ready to respond to any incident.
We're in the process of obtaining SOC 2 Type II certification to validate our controls around security, availability, and confidentiality.
Independent auditors perform annual security and compliance audits, with results reviewed by our executive leadership and advisory board.
If you have questions about our security practices or need to report a security concern, please contact our security team immediately.
Email: Myprivatedoctor@outlook.com
Subject: Security Inquiry
Response Time: Within 2 hours for security issues