HIPAA Compliance & Health Data Protection

HIPAA Compliance at HekimDoktor

HekimDoktor is committed to protecting the privacy and security of health information in full compliance with the Health Insurance Portability and Accountability Act (HIPAA) of the United States.

🔐 Data Encryption

All data transmitted between your device and our servers is encrypted with TLS 1.3, the latest version of the TLS protocol. At rest, your data is protected with AES-256 encryption, the same standard used by governments and financial institutions worldwide.

🏥 HIPAA Standards

We implement comprehensive safeguards to protect Protected Health Information (PHI):

  • Administrative Safeguards: Staff training, access management policies, and incident response procedures.
  • Physical Safeguards: Data center security, workstation use policies, and device controls.
  • Technical Safeguards: Access controls, audit controls, integrity controls, and transmission security.

🔑 Role-Based Access Control (RBAC)

  • Patients can view and manage only their own records.
  • Doctors can access patient information only within the scope of their care relationship.
  • Hospitals & Clinics have access limited to their affiliated patients and staff.
  • Administrators manage platform operations without access to individual health records.

🛡️ Cloudflare Enterprise Protection

  • Web Application Firewall (WAF) against OWASP Top 10 vulnerabilities
  • Enterprise-grade DDoS protection
  • Bot management and rate limiting
  • Global CDN for secure, fast content delivery

🏗️ Technical Infrastructure

  • Next.js modern web framework with server-side rendering
  • PostgreSQL database with encrypted connections
  • Regular security audits and penetration testing
  • Automated vulnerability scanning

Your Rights

  • Access your health information
  • Request corrections to your records
  • Receive an accounting of disclosures
  • Request restrictions on certain uses
  • File a complaint if you believe your rights have been violated

For questions about our HIPAA compliance, contact us at privacy@hekimdoktor.com.

Last updated: March 2026