At Ditto, we value transparency and collaboration. We recognize the important role the security research community plays in making digital healthcare safer. If you have discovered a security vulnerability, we kindly ask you to report it to us directly. Together, we will ensure that the issue is resolved quickly and carefully, with the safety of our users as our highest priority.

​

​Our program is built on recognized industry standards and is guided by a coordinated and respectful approach. We follow these key principles:
 

• Coordinated Vulnerability Disclosure – we work with researchers to handle reports securely and responsibly.

• Safe Harbor – good-faith reporting will not result in legal action.

• Open Scope – we welcome research that broadly and thoughtfully examines our systems.

• Core Ineligible Findings – we clearly outline findings that fall outside the scope of our program.

• Detailed Platform Standards – our process aligns with established industry guidelines.

​​

By working together in this way, we strengthen our commitment: trustworthy and secure healthcare technology, built on confidence and care.