Security First

Security and privacy are our number one priority.

Secure Messaging for Healthcare

Security Statement

Foxo has been built with a ‘privacy and security first’ mindset in conjunction with leading privacy lawyers and security experts.

Our goal is, and always will be, to deliver powerful communication solutions to healthcare whilst upholding the most stringent security and privacy standards.  

If you have a question or concern about our security or privacy we want to hear from you. Please contact our data protection officer at


Year on year, Healthcare leads the Notifiable Data Breach scheme with the majority of incidents attributed to stolen credentials (malware and ransomware) or compromised via human errors (eg. breach via incorrect system or process)


HIPAA Compliant

Foxo is HIPAA Compliant


ISO 27001 DC

ISO27001 Accredited Data Centre


Independently Tested

Independently Security Tested every 3 months


IRAP certified infrastructure

Foxo runs on IRAP certified infrastructure


GDPR compliant

Personal and sensitive information is carefully stored and managed

Data Protection and Storage

Data is stored on secure, encrypted servers located in Australia. All patient data and user data is encrypted at rest and in transit using enterprise-grade encryption protocols. 

Data in transit: Movement of data between the webserver and browser is secured with the latest HTTPS technology using RSA encrypted TLS (Transport Layer Security).

Data storage: All User and patient data is stored on secure Amazon Web Services servers. These servers conform to the ISO27001 standard ensuring data remains backed up and safe at all times.

Security testing

Foxo engages an independent security team to undertake penetration testing on a 3 monthly basis to ensure vulnerabilities and threats are detected and addressed.



“Pentested by Sistematik” mark means the Foxo business and product have undergone independant penetration testing with successful results and no open critical findings.

Verified network of users

All users of Foxo undergo mandatory verification to establish their identity. This provides you with the confidence you are contacting the right person.


User access controls

Foxo comes free with Multi-Factor Authentication (MFA) to double down on securing your account. Additionally, mobile users can utilise a 4-digit pin to add an extra layer of account security.


Secure photo sharing

Clinical images taken within Foxo app are encrypted an stored on secured servers NOT on your personal mobile device or 3rd party cloud servers such as Apple iCloud, Dropbox or Google drive. This ensures compliance with national privacy regulations is maintained at all times.


Personal (user) Data

The only personal (user) data Foxo actively collects from customers is what we need for profile creation and account administration purposes.

Get compliant and switch to Foxo

Download Foxo, invite your colleagues and get connected OR
Visit to get started on desktop.
Download Free on iOS
Download Free from Google Play
Use the Foxo web app

Information Request

Patients can request a copy of their Personally Identifiable Information (PII) and Patient Health Information (PHI) at any time. These requests will be actioned in a timely manner.