Amion provides an easy-to-use mobile app designed with high security standards to protect sensitive information.
- Trusted Network: Amion integrates with Doximity, a secure medical network with 1 in 3 U.S. physicians registered as members.
- End-to-End Encryption: Messages sent through Amion are encrypted from the device to the server and back to the recipient.
- Device Security: Messages are never stored on the device. If a phone is lost, no messages will appear on the device itself.
- Secure Server Storage: Messages are stored encrypted on secure servers in Seattle and Virginia and are monitored daily for potential security threats.
- Privacy Compliance: For more details, see Doximity’s Privacy Policy.
Additional Security Features:
- Smart Secure Previews: When a new message is received, the app redacts names and other sensitive information, displaying only a PHI-free snippet on the lock screen.
- Balance of Security and Convenience: Amion secure messaging provides the convenience of text messages while ensuring the protection of patient information.
Storage of Amion Secure Messages
- Server Storage:
- Messages sent via the Amion Mobile App are stored in encrypted format on Doximity servers.
- Users can delete messages from their inbox, which removes them from view on the app, though they remain encrypted on the server.
- Device Storage:
- Messages are temporarily loaded onto the device only when the user opens the app and taps the Messages tab.
- Messages remain on the device only while the app is open.
- Once the user quits the app, all message content is removed from temporary storage, so it does not persist on the device.
Amion ensures that PHI stays secure by combining encrypted server storage with limited device storage for maximum protection.
Amion App Security Highlights
The Amion Mobile App, ensures secure messaging through multiple layers of protection:
- User Verification & Authentication: Unique ID and strong password requirements confirm only authorized medical professionals can access messages.
- Encrypted Communication: Messages are protected with end-to-end 256-bit AES encryption, transmitted via SSL with 2048-bit RSA.
- Audit & Monitoring: Activity is backed up, monitored, and controlled to prevent security violations.
- Secure Infrastructure: Data is stored on encrypted drives in Seattle and Virginia with access limited to authorized personnel.
- Compliance & Certification: NIST Level 3 certified; cryptographic modules validated to FIPS 140-2 Level 1+ standards.
Amion Messaging App – Network Domain Allowlist Requirements
To ensure proper functionality of the Amion Messaging App, please work with your IT department to ensure that the following external domains are allowlisted on the organization's network, firewall, and web filtering systems.
| Domain | Purpose |
| *.bugsnag.com | Application error reporting and diagnostics |
| skan.singular.net | Mobile attribution and analytics services |
| *.recaptcha.net | CAPTCHA validation and bot protection |
| www.google.com/recaptcha | Google reCAPTCHA services |
| *.googleapis.com | Google API services used by the application |
| *.doximity.com | Integration with Doximity services |
| *.amion.com | Core Amion application services |
Configuration Recommendation
Use wildcard domain entries whenever possible. Wildcard domains (for example, *.bugsnag.com) are recommended instead of listing individual subdomains. This approach:
- Reduces administrative overhead
- Prevents service interruptions if subdomains change
- Ensures continued access to vendor-hosted services
- Simplifies firewall and proxy rule maintenance
Implementation Notes
- Add these domains to:
- Firewall outbound allow rules
- Web proxy allowlists
- DNS filtering exceptions
- SSL inspection bypass lists (if applicable)
- Failure to allow these domains may result in:
- Messaging failures
- Login issues
- Push notification disruptions
- CAPTCHA validation errors
- Limited application functionality
Amion Secure Messaging Setup Instructions
Amion Messaging enables secure messaging from the Amion Who’s On List and Mobile App to on call staff. To add Amion Secure Messaging as a contact type for Staff Members:
- From the ‘Staff Members’ activity
- Click the ‘Edit’ pencil icon
- In the Contact info section, click ‘+ Add Contact Method’
- In the dropdown select ‘Amion App’ ○ If the Amion App is greyed out (unselectable) - see the details below for more information
- Drag and drop the Amion App contact method to the position where you want it to appear on the Who’s On
Click "Save" to save your changes
Messaging Details:
- Who’s On List → Staff: One-way messaging (broadcast only).
- Mobile App ↔ Staff: Two-way messaging (staff can send and receive messages).
Once Amion Messaging has been added to a staff member’s contact information, the staff member will receive an email notifying them that the feature has been enabled. The email will also include instructions for downloading the Amion App if they have not already installed it.
What if the Amion App is greyed out (unselectable)?
If the Amion App option is greyed out (unselectable), it means the staff member does not have a verified email address. The user must have a verified email to be properly set up in the app and able to receive Amion secure messages. For information on how staff members can verify their account, refer to the Account Verification training topic available on Amion Academy.
How to send an Amion Secure Message
From the Who’s On List click the ‘Send Message’ hyperlink
- From the ‘Send Message via Amion App’ window, enter your message
- Click Submit
- You will receive a pop-up indicating that your message was successfully sent
On call Staff members will receive both an Amion App notification and an email notification when a message is sent.
Staff can unsubscribe from email notifications by clicking ‘unsubscribe’ at the bottom of the mail.