Geronimo writes – “I’ll see if there’s any existing discussions about private communities while I’m at it though, it might be something the main devs have an opinion on or plan for.”

Brilliant – thank you for checking.

There are all kinds of situations in which a (usually small) group of people might need some privacy. An oppressed minority at a college in the southern United States, a group of employees trying to unionize, etc. Doctors discussing procedures and needing both vetted credentials to comment intelligently/safely and the general public to not see they are disagreeing with each other…

At the same time, it would be great to have FEWER login credentials – so members of these private communities could also partake in all the advantages of the Federated communities on their same Lemmy instance.

– Michael

Shadow – The point is to have the best of both worlds. So a person could join the Lemmy instance and participate in all the Federated communities. Then, they could be vetted for the private community (which is not Federated – only on that instance), in order to discuss more private matters.

Not extremely secret stuff, more along the lines of “I’m a psychotherapist and I’m having depression issues myself” or “I have a depressed 23-year-old female client with symptoms of … Do you all have some treatment recommendations”. Stuff that is back-channel and maybe the whole world should not read.

Despite their various evils – Facebook, Tumblr, and Reddit all have both open and closed communities. Of course these platforms are no doubt reading the “private” communities and monitizing it quietly in some way. Maybe even selling the data out the back door…

Anytime people need a bit of trust and privacy at a distance this becomes a good idea. A young mother’s group wanting to exchange advice and support on breastfeeding, an LGBTQ group at a particular somewhat hostile college in Texas, etc.

Yes, old-fashioned BBS systems (remember FidoNet?) do this – but then non-technical people have to learn a new BBS login every blessed time they want to access one of their particular closed groups. So you do it all through Lemmy for some convenience.

– Michael

Geronimo – This would be lovely! Bonus points if its not just hidden, but can’t be accessed by non-subscribers to that particular community. But… I’ll take what I can!

Shadow – I suppose that means private communities won’t be possible.

Oh Gods – on a lark I just typed “x.com” into my browser. One guess what website I ended up on? I’m imaging it now – someone bought “x.com” 15 years ago and cursed the day they ever wasted money on it, yet hung onto it… Now they are on vacation in the tropics.

Doxy is technically HIPAA compliant according to them and I can’t PROVE otherwise.

In October 2021 – logging in as a CLIENT – I traced (via Pihole and the Lightbeam Firefox plug-in) their website having my web browser contact connections to Google (multiple), Youtube (multiple), Facebook, Doubleclick, Hotjar, Mixpanel, and Segment ad networks/trackers/data aggregators. Heavy additional use of outside support tools from Google, Amazon (their web hosting provider), Cloudflare, Cloudfront, and other outside supporting services.

There was just no excuse for that from a company only providing medical telehealth.

Since then Doxy seems to call on fewer outside supporting services, and last I looked (April 2022) they ran their data tracking services through one specific company – which could then redistribute data to all the above companies. Or not.

The devil here is in what constitutes Protected Health Data (PHI). In 2022 Doxy privacy policies discussed only collecting “anonymized” data and no PHI. Sounds great. However, please see:

Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/hipaa-online-tracking/index.html

This HHS and OCR guidance includes the sorts of 3rd party tracking technologies DOXY is likely referring to in their privacy policies.

Then of course, there is this: Yes, someone really did name their service Doxy (“Doc See Me” according to the company). There are several double meanings here. Doxx or doxxing – hacker slang for spreading sensitive private information all over the Internet to defame someone. Webster’s Dictionary – Doxy – a prostitute. https://www.merriam-webster.com/dictionary/doxy

No disrespect intended to sex workers in the use of the possible slur “prostitute” here.

Copied from a friend:

JAMA has an issue devoted to the use, risks, and potential benefits of AI and chatbots in diagnosis and treatment. Given all the recent discussion, it seemed worth sharing:

http://read.alerts.jamanetwork.com/csb/Public/show/axac-2pb1ib--143543-a

See next announcement – these new rules are being implemented!

Self plug: Mental health instance – members must be verified to be employed in mental health professions. lem.clinicians-exchange.org .

Madcow – While you are not wrong, we are talking about the unwashed masses here who are not necessarily savvy. “Private chat” really should have been.