Only patients and health professionals can access their data if they use end-to-end encryption, as the company claims. However, especially for the appointment reminder service via email and SMS, DoctoLip needs to know the patient’s date, time, identification and expert advice. Since it is difficult to justify the need to know this information for the proper functioning of Doctolipin services, it is already a little more subtle to the question of reason for consultation.
Asked by France InformationCompany Specifies ” Very few employees access medical appointments at specific times and for specific reasons as part of support activities “. However, this is a potential flaw, Knowing that Doctolip has already been attacked in July 2020 for data theft related to medical appointments .
The company will therefore have full interest in gaining transparency in the matter of encryption. In fact, disclosing the content of the appointments could lead to a breach of medical confidentiality, while attorney Alexandra Ityanu was also questioned. France Information” We do not prohibit any malicious use or transmission of this data by a Doctolib employee with malicious intent. […] It could be an insurer or your employer. But this data can be resold on the Internet “.