How do we safeguard data?

At Zocdoc, we are committed to the security and privacy of patients and providers. This means we’re always working hard to safeguard your data and continually earn your trust. We undergo industry security standard audits, such as SOC 2 Type II and HITRUST, annually, to maintain high standards., along with Zocdoc Marketplace, Bookable Directory (an enterprise tool from Zocdoc), and our office infrastructure have earned Certified status (CSF v9) for information security by HITRUST. Keeping your information secure is a top priority for us. Here are some of the ways we protect it:


-Privacy and security training: Everyone at Zocdoc receives training to ensure that we stay focused on privacy and security. This includes privacy training that covers HIPAA ( the Health Insurance Portability and Accountability Act, which establishes national standards for protecting the identifiable health information of health plan beneficiaries and patients) as well as additional security training administered by a third party.


-Strong encryption: We employ industry standard technology to safeguard data and our technology is evaluated annually by third party auditors. Our site uses SHA-256 encryption and Zocdoc data is transmitted over Transport Layer Security (TLS) connections (HTTPS).


-Secure storage: Zocdoc leverages Amazon Web Services (a leading cloud computing services provider) to store data in physically and electronically secure facilities.


-Expert auditing: Zocdoc works with outside experts to maintain high standards and rigorous security practices. We hire third parties to test our service and processes as part of our recurring penetration test program, as well as conduct HITRUST and SOC 2 Type II audits.


-Smart features: We build features that protect data on your end, too. For instance, we automatically sign you out of your account if you’re inactive, we set requirements on your password strength, and we lock your account if the wrong password is entered too many times.