How do I get the records from my doctor?

Based on the Data Protection Act (DSA), every person has the right to receive an individual's complete medical history from his or her healthcare provider.

Health and medical data of this kind is personal data that is particularly worthy of protection. Each individual must be correspondingly careful with his or her own data. Please also pay attention to your own data!

Request data

Every (natural) person is entitled to the above right to information. The data can be requested from the respective healthcare providers as data processors in a variety of ways, for example by letter, e-mail or telephone.

The „doctogo“ app offers the option of sending such requests for information with the help of the app via the stored e-mail address and thus requesting the respective data from the healthcare providers. The „doctogo“ app does not involve any data processing in this context. You can proceed as follows: As soon as you have registered and are thus in the „doctogo“ app, you must click on the three lines in the upper right corner to the functions of the app and tap on "Request health data". After that, you can fill in the fields needed to send the request and send the request.

Once you have received the documents from your doctor or other health professionals, you can add them to one of the folders that are already categorized in the „doctogo“ app.

How can I share my records with my health care provider?

With the „doctogo“ app you can share the records in two different variants. The first variant is when you are at the doctor's office and want to transfer the data. This variant is called „Onsite“. The second variant is when you are not onsite at the doctor's office. This variant is called „Offsite“.

„Onsite“ or when you are on site

In the «Onsite» variant, the user of the «doctogo» app is on site at the respective healthcare provider and wants to share healthcare and medical data, namely files stored in the «doctogo» app, with the respective healthcare provider on site.

The files to be shared must first be selected by the user in a first step.

In a second step, the user is asked to enter the title, first and last name, and e-mail address of the respective healthcare provider.

In a third step, the «doctogo» app then sends an automatically generated e-mail from the «doctogo» e-mail server to the respective healthcare provider based on the data entered in the second step, informing the respective healthcare provider that the specifically named user would like to share a document. In addition, this e-mail contains a link to a subpage of the «doctogo» website.

In a fourth step, the respective healthcare provider has to click on the link of the e-mail received in the third step, which takes him or her to a subpage of the «doctogo» website.

This (sub)web page, which is accessible via the link mentioned in the fourth step, contains a QR code, which the user can then scan on site with the «doctogo» app in a fifth step, thereby granting authorization to download the files.

When the user has given the approval mentioned in the fifth step by scanning the QR code, the «doctogo» app receives the QR code. the user, the respective healthcare provider will be given access to download the files to be shared and the desired data can be downloaded.

„Offsite“ or when you are absent

In the «Offsite» variant, the user of the «doctogo» app is not on site with the respective healthcare provider. Nevertheless, the user wants to share health and medical data, namely files stored in the «doctogo» app, with the respective healthcare provider.

The files to be shared must first be selected by the user. The selected files are then encrypted and temporarily uploaded to a protected area on the «doctogo» website and thus to a Microsoft Azure cloud. The data is always encrypted.

In a second step, the user is asked to enter the surname, first name, and e-mail address of the respective healthcare provider.

In a third step, the «doctogo» app then sends an automatically generated e-mail based on the data entered in the second step from the «doctogo» e-mail server to the respective healthcare provider. in which the respective healthcare provider is informed that the specifically named user would like to share a document. In addition, this e-mail contains a link to a subpage of the «doctogo» website.

In a fourth step, the respective healthcare provider must click on the link of the e-mail received in the third step and request authorization from the user to download the files.

In a fifth step, the user is then requested by the «doctogo» app to grant approval or authorization to share the files with the respective healthcare provider.

Only when the user has given the approval or authorization mentioned in the fifth step is it possible for only the respective healthcare provider to download the files to be shared. As soon as the data is downloaded, it is deleted from the protected area on the «doctogo» website and thus in a Microsoft Azure cloud. If the health care provider does not download the data within the short period of time, the encrypted data is automatically deleted from the Microsoft Azure Cloud and the "offsite" sharing process must be restarted.

Can I limit data sharing to individual data or documents?

You decide whether you want to share individual records selected by you, individual folders or all folders with the doctor (or other health professionals) and/or give them permission to inspect them.

Can I also register biometrically?

You can log in biometrically. Please follow the steps below.

The first time you need to register with a valid and working email address and set an individual password (registration data). Once you have registered, and are thus in the „doctogo“ app, you must tap/click on the three lines at the top right to the app functions and go to the settings. After that, you can activate „Login with biometrics“ by sliding the button to the right. You must note that on your cell phone these functions are also enabled. Now you can also log in biometrically (both with facial recognition and fingerprint) in the future.

How secure is my data?

If health and medical data are stored on the «doctogo» app, the individual stored files are encrypted and stored locally in folders created by the app on the mobile electronic device. The health and medical data stored on the «doctogo» app are thus stored exclusively on the respective mobile electronic device on which the app is also installed. In this context, it is particularly important to emphasise from a data protection perspective that all of the health and medical data stored in the «doctogo» app are not stored at any other location. In the "offsite" variant, the data is temporarily stored in the Azure Cloud in encrypted form (until the doctor has downloaded it, but for a maximum of 72 hours).

Should your mobile phone not withstand a hacker or cyber attack, the attackers will still not be able to view your data stored on the «doctogo» app, as it is stored in encrypted form and only you are in possession of the key for decryption.

Only you and the doctors (or other health professionals) to whom you have provided the decryption key can view the data securely stored on the «doctogo» app. Therefore, the owners/operators of the «doctogo» app cannot help you if you lose your data (e.g. through loss, destruction or change of mobile phone (see the questions below)), because the owners/operators of the «doctogo» app cannot see what data you have stored, nor do they store your data or have access to it. In such a case, you would have to request your data again from the doctors (see the question 'Where do I get my documents or medical data/health records?' and 'How do I get the documents from my doctor?' for the process).

Furthermore, only you decide whether the doctors (or other health professionals) wish to access individual documents selected by you, individual folders or all folders, or whether they wish to share these with the aforementioned persons.

What happens with my data?

As a user of the «doctogo» app, you are now in possession of your own health and medical data, so you can decide independently and freely which data should be stored in the «doctogo» app. You are completely free to decide which data is stored and which is not. The «doctogo» app offers various options and corresponding services.

If health and medical data are stored on the «doctogo» app, the individual files stored in folders created by the app are only encrypted and stored locally on the mobile electronic device. The health and medical data stored on the «doctogo» app are thus stored exclusively on the respective mobile electronic device on which the app is also installed. In this context, it is particularly important to emphasise from a data protection perspective that all of the health and medical data stored in the «doctogo» app are not stored at any other location. In the "Offsite" variant, the data is temporarily stored in the Azure Cloud in encrypted form (until the doctor has downloaded it, but for a maximum of 72 hours).

Can I delete my data?

You can delete your data at any time. If you delete data from the «doctogo» app, it will also be deleted from the mobile electronic device, unless you have additionally saved your data in separate folders created outside the «doctogo» app as a backup copy (see the questions below). Of course, it remains the case that the data was still stored in another place (e.g. in the photo gallery or with the e-mails) on the respective mobile electronic device.

What happens to my data if I lose my mobile phone, it doesn't work or I want to switch?

If your mobile phone (or mobile electronic device) is lost, no longer works or you have a new mobile phone, all of the health and medical data stored in the «doctogo» app of the respective mobile phone (or mobile electronic device) will be lost. You must therefore ensure that you make an external backup so that you have your health data available and can save it again in the doctogo app.

How do I store my data outside the 'doctogo' app?

You can create a backup on your mobile phone. You can create the same folders as on the 'doctogo' app on your mobile phone separately and name them the same as on the 'doctogo' app (doctor's reports, laboratory, X-rays, prescriptions, prescriptions, medication list, favourites, aftercare and general). Then open the data available on your 'doctogo' app and save it to the corresponding folder (named the same as on the 'doctogo' app).

What is end-to-end encryption?

The data is encrypted on your premises so that no other person can see the content of the data or the documents sent. This data is then transmitted in encrypted form to your doctor or other healthcare professionals or healthcare facilities. The aforementioned persons can only open the sent data or documents if you provide or send the key with which the data or documents can be decrypted and thus opened by your doctor or other healthcare professionals or healthcare facilities. This communication is always secure. You can imagine this figuratively as follows; you have provided the data with a lock. There is only one key. Without this key, no one can open the lock. At the same time, this key is only with you. What happens to this key or to whom you send or make available this key for opening the data is decided only by you. The doctor or other healthcare professionals or healthcare facilities can only open the data when you send the key.