Privacy

Built so messages stay between two people.

This is what HIPAA-compliant messaging looks like in plain English.

How we protect your messages

Three protections, working at once.

End-to-end encryption

Messages are sealed on your device. They only open on the recipient's. We never hold the keys that would let us read them.

Verified identity

Every account is identity-checked against clinical credentials before it sends a single message. No public sign-up, ever.

Recovery code

Lose a device, sign in on a new one. Without a recovery code, past history won't decrypt. By design.

Inside a conversation

Sealed here. Travels as noise. Opens only there.

Your message is encrypted on your device, travels as noise across our servers, and only decrypts on the recipient's screen. Nobody in between can read what's in it.

Sharing the latest labs now.
Sealed on this device
Sharing the latest labs now.
Opened for Dr. Patel
Reporting and blocking

Every account can be reported.

Every verified provider can block someone or flag a concern directly from the conversation. Reports go to a real person, not an automated queue. For escalation, write to doctalinksupport@gmail.com.

JC
Dr. J. Chen
Internal Medicine
Block this account
Report a concern

What we will never do.

0
Ads
0
Analytics
0
Third-party scripts
Profile
Recovery code
Notifications
Delete account
If you ever leave

Delete from inside the app. We don't keep a ghost.

Remove your account from Doctalink at any time. We pull you from the directory immediately. Your encrypted message records are deleted within 30 days. Your recovery code becomes inert.

Open Doctalink and message a verified provider.

No public surface. Two readers. Nothing in the middle.

Last updated: May 28, 2026.