Telehealth app Doxy.me is fixing a patient health data leak
A report from Cyberscoop
Cyberscoop reports that after examining the Doxy.me platform, privacy researcher Zach Edwards discovered that the company appeared to be sharing IP addresses and unique device identification numbers with Google, Facebook, and the marketing software company HubSpot.
Why is this important to me?
Cyberscoop notes that users of Doxy.me may be inadvertently grouped with other patients by Google and Facebook's advertising platforms, possibly providing data to the firms' algorithms that might infer sensitive information about a patient's health. Advertisers could then target patients with adverts that were personalized to their specific ailments.
The problem is that, when joined with other data, those bits may create a formidable data collection that allows some of the world's biggest advertising platforms to track individuals online.
What should I do about it?
So while there was usage data exposed, it was not necessarily "leaked". If you are uncomfortable about that reach out to Doxy.me and confirm the status of the identity leak and have them confirm that your data is safe and has not been exposed beyond the definition of "usage data". Letting them know that you are a concerned patient/user is a good thing!
You can reach out to Doxy here: https://doxy.me/en/contact/