Doxy.me leak exposes provider data to third parties

Telehealth provider Doxy.me allowed third parties, including Google, Facebook, and HubSpot, to access data about providers through its virtual waiting room. The issue arose because providers often include their names in the waiting room URLs. While patient health data was not exposed, user browser details were collected for a marketing campaign. Doxy.me has since removed all third-party URLs and is in the process of removing the collected data. The company emphasized that it does not collect or store patient health information.