- We use most secure cloud services available for user access control and health record storage.
- Identity access management is used to limit what each user account can access.
- All communications between App and Cloud are done on secure https protocol.
- At-rest data in App and Cloud are always encrypted.
- Health records and request history are further encrypted with user-unique password at App level for additional security.
- Name and Date of Birth are stored in encrypted form on servers.
- Our service providers (cloud, email and electronic fax) has shown similar level of commitments and signed agreements stating same.
- You are always in full control over health record and request history. You can delete them at anytime from your account. We do not store your personal and health information beyond the time you want us not to do so.
- Your information is not analyzed or shared with anyone except for facilitating your personal usage and your decision to controllably share to others. When you use our chat services, you decide how much information is shared.
- After we upload your medical records (received from email, fax, in-App camera or mail) to your account, we do not keep copy of them beyond 7 days.
- Only you decide who gets a limited summary of your health record. This access is further limited to 1 hr and self-delete completely after 7 days.
- When possible, we disable the screenshot of your shared information.
- Shared information never contains your full personal identifiers. The personal identifiers that are shared, if you chose to, are limited to first name and birth month.
- Besides our cloud, email and electronic fax providers, we do not work with any third-parties who could have access to your information. We will never use or sell your information for any marketing and research purpose.
- We do not keep detail logs of your requests beyond 7 days (7 days is set mainly for troubleshooting issues). This limit us from meeting all record keeping guidelines in HIPAA as listed in 45 CFR Part 164.524. We meet other guidelines listed for Privacy and Security. Being fully compliant would have required us to track closely who you share your results with and maintain a record of same for at least 6 year. We designed this platform primarily to break barriers in sexual health discussion and give the level of anonymity that users expect. As we grow, we will perform annual HIPAA audit by independent companies and demonstrate our commitment to safeguard your health information.
NOTE: We are not a Business Associate of any Covered Entity (click here for definitions)
While we follow best industry practices to keep your information secure, we expect similar things at your end as well. For more details, please check our Terms of Service
- Never share your username and password together with another person.
- Do not write your password on paper or save in a computer.
- Username alone may be shared for our sharing feature. However, do not write it on your social media profiles.
- Only remember a device that only belongs to you.
- Never share SMS or Email verification codes with anyone.
- If you device is lost, report us immediately so we can temporarily block your account.
- Always logout at end of each session.