Trust & Transparency

A single page summarizing what DocTransparency does, what it does not do, and how to verify both.

This is what an investor, regulator, or skeptical journalist would want to see in 90 seconds.

What we do

  • Re-present four federal CMS public datasets (NPPES, Open Payments, Medicare Provider Utilization, PECOS) in a single, readable physician profile.
  • Provide a Transparency Score that measures how much public federal data exists for a provider — not clinical performance.
  • Give patients, journalists, and researchers a free, ad-free, account-free public resource.
  • Link every data point on every profile back to the original CMS source record so anyone can verify.

What we do NOT do

❌ Quality ratings or stars: We do not score physicians on quality. The Transparency Score is data-completeness only.
❌ User reviews / comments / testimonials: No user-generated content about providers. Ever. Deliberate editorial choice.
❌ Industry funding: No money from pharmaceutical, medical device, insurance, hospital, or provider entities.
❌ Advertising: No banners, no sponsored content, no affiliate links to medical services.
❌ User data sale or sharing: We do not sell or share visitor data. Period.
❌ "Claim your profile" upsell: No B2B product. Providers cannot pay to alter, hide, or favorably present their data.
❌ Aggregation with private sources: We do not blend federal public data with malpractice records, board actions, or other non-public sources without separate transparent methodology.
❌ Editorial influence by request: Corrections must be factual against CMS source, not preference-based.

Our funding

Operator self-funded. Zero external funding.

DocTransparency is operated by Yoel Castaño (sole proprietor, US legal entity formation pending). Infrastructure costs are paid out of pocket. There is no investor, no advertiser, no industry partner, no platform fee.

If this changes in the future (e.g., reader-supported model, philanthropic grant), it will be disclosed here and on /about before it takes effect.

Our editorial principles

  1. Data fidelity above all. Every number on every profile traces verbatim back to a federal CMS source. We do not augment, edit, or "interpret" the federal records — we re-present them.
  2. Provenance over polish. Every data point includes a "verify on CMS" link. If we ever can't show provenance, we don't show the data.
  3. Disclosure of limits. What the data does NOT cover (private patients, Medicaid, cash-pay, recent practice changes) is stated as prominently as what it does cover.
  4. No quality judgment. We measure data availability, not clinical merit. Patients should use this as one input, never as the sole basis for choosing a provider.
  5. Accessibility of correction. Providers have a defined channel (Provider Portal) with stated SLAs (5d acknowledgment, 7d correction notice, 48h identity-theft suppression).
  6. Reproducibility. Methodology and source pipeline are documented. Any researcher with access to the same federal datasets can recreate our profiles.

How we differ from comparable sites

DocTransparency | Healthgrades / Vitals | ProPublica Dollars for Docs (retired 2019) | CMS openpaymentsdata.gov
Federal data integration: 4 datasets unified | NPPES + scraped | Open Payments only | Open Payments only
User reviews / ratings: ❌ Never | ✅ Hosted
Quality scores: ✅ Star ratings
Industry funding: ❌ Zero | ✅ Health-industry partners | ❌ Foundation-funded | N/A (gov)
Provider "claim profile" product: ✅ Premium tier | N/A
Verify-on-CMS link per data point: ✅ Always | N/A | N/A (is the source)
Correction SLA: 5d ack / 7d notice | Varies | N/A (retired) | CMS dispute window
Single-page provider view across 4 CMS sources: Partial

The legal and journalistic moat is exactly the row "user reviews / quality scores": Healthgrades and similar sites take ongoing defamation hits because users post unverifiable opinions. DocTransparency has zero exposure on that vector — we display only verifiable federal records.

Source code & reproducibility

The data pipeline is open-sourced. Researchers can audit our methodology and reproduce our profiles independently. Code: github.com/yoelcastano/doctransparency (repository link will be live at launch).

Technical infrastructure

  • Hosting: Hetzner Online GmbH (Germany). Data processed within the EU.
  • CDN / DDoS: Cloudflare (US, with Standard Contractual Clauses for international transfer).
  • Analytics: None at launch. If added (privacy-respecting only, e.g., Plausible), 30-day prior notice on /privacy.
  • Cookies: None at launch.
  • Search index: Static JSON file generated from our SQLite DB. No server-side query logging.
  • No accounts: No login, no registration, no personal data forms (other than optional contact email).

Security commitments

  • HTTPS enforced (HSTS preload), valid TLS certificate auto-renewed.
  • Server logs (IP, user-agent, referrer) retained 14 days for security only. See /privacy.
  • No third-party advertising trackers, ever.
  • Designated DMCA agent for takedown notices.
  • Vulnerability disclosure: [email protected].

Legal position

Publication of this data is grounded in:

  • Physician Payments Sunshine Act (§6002 ACA, 42 U.S.C. §1320a-7h) — Congress mandates public disclosure of industry payments to physicians.
  • Freedom of Information Act — NPPES and Medicare data are public records.
  • First Amendment — Publication of truthful, lawfully-obtained public-record information about matters of public concern is constitutionally protected (Bartnicki v. Vopper, 532 U.S. 514 (2001); Smith v. Daily Mail, 443 U.S. 97 (1979); Florida Star v. B.J.F., 491 U.S. 524 (1989)).

For full legal terms see Terms and Privacy. For methodology see Methodology. For provider concerns see Provider Portal.

Audits and oversight

  • Internal audit (April 2026): 6-team adversarial audit + 5 sprints of remediation (87 findings → 84 resolved). See docs in repository.
  • Legal review (April 2026): Three independent perspectives (US healthcare YMYL, US publisher law, US+EU privacy) reviewed Methodology, Terms, and Privacy. All non-escalation findings applied.
  • External counsel: US healthcare publisher attorney engagement targeted within 60–90 days of public launch.
  • Public methodology changelog: /methodology/changelog.

Contact

Last reviewed

2026-04-17. Next scheduled review: 2026-07-17 or upon any material change.

Data Disclaimer — Data sourced from the Centers for Medicare & Medicaid Services (CMS): National Plan and Provider Enumeration System (NPPES), Open Payments program, Medicare Provider Utilization and Payment Data, and Provider Enrollment & Certification data (PECOS). Published under the Freedom of Information Act (FOIA). This website is not affiliated with, endorsed by, or authorized by CMS, HHS, or the U.S. Government. Data may contain errors as reported to CMS by providers and reporting entities. Payments from industry are legal and do not indicate wrongdoing. Medicare data reflects only patients aged 65+ or those with qualifying disabilities. For corrections, contact CMS directly. This information does not constitute medical advice and should not be used as the sole basis for choosing a healthcare provider. Procedure descriptions use plain language and do not reference CPT® codes, which are copyrighted by the American Medical Association.