Effective Date: August 19, 2021
Joey Care Inc. (“Joey”, “we”, “our” or “us”) is devoted to safeguarding our users, customers, affiliates, partners, and employee private information and ensuring the highest level of confidentiality of records. In summary, we take data privacy and security very seriously. This Privacy Policy describes the information we collect, how we use it, and the standards and procedures in place to safeguard your personal, nonpublic information.
Joey, its personnel, and its affiliates strictly adhere to this Privacy Policy and the security practices and procedures described herein to ensure the confidentiality of customer information. It is Joey’s policy to comply with all international (where applicable), federal, and state laws and regulations relating to the privacy of our customers’ Private Information (PI) and Private Health Information (PHI).
This Privacy Policy describes how Joey Care Inc. collects, uses and shares your information when you visit our website at https://www.joinjoey.com (“Site” or “Website”) or use our mobile applications available in the Apple App Store or Google Play store (“App”) and use the services, features, content or applications we offer (collectively within the Site or App, the “Services”). We receive information about you from various sources, including: (i) if you download the App through your user account on the App Store or Google Play Store (your “Account”); (ii) your use of our Services generally; and (iii) from third party websites and services. You acknowledge that this Privacy Policy is part of our Terms of Service, and by agreeing to use the Services, you are agreeing to be bound by all of its terms and conditions and all applicable laws and regulations. If you do not agree and consent, discontinue use of the Services and wherever applicable, delete the App from any and all of your devices. Joey Care Inc. is a United States company with its headquarters listed at 8135 Village Crest Drive Ellicott City, MD 21043. Regardless of the country in which you live, you authorize us to access, transfer, store, and use your Personal Information (as defined below) in the United States and in accordance with this Privacy Policy. U.S. privacy and data protection laws and rules may vary from those in the country where you live.
This Privacy Policy covers the treatment of personally identifiable information (“Personal Information”) gathered when you are using or accessing the Services. “Personal Information” is information that can be used to identify you by itself or when it is combined with other information, such as your first and last name, email address, postal address, phone number, or payment card information. This Privacy Policy also covers our treatment of any Personal Information that our business partners or affiliates share with us or that we share with our business partners and affiliates. This Privacy Policy does not apply to the practices of third parties that we do not own or control, including but not limited to any third party websites, services and applications (“Third Party Services”) that you elect to access through the Third Party Services or to individuals that we do not manage or employ. While we attempt to facilitate access only to those Third Party Services that share our respect for your privacy, we cannot take responsibility for the content or privacy policies of those Third Party Services. We encourage you to carefully review the privacy policies of any Third Party Services you access. Certain aspects of the Services are designed to help you share information with the world. If you make information public through our Services, other users will have access to it. We cannot guarantee information you make public through our Services will remain protected in accordance with this Privacy Policy. Please think carefully before sharing information with others or before making information public. You are solely responsible for information you make public. Personal Information once “de-identified” is not subject to this Privacy Policy and we and our service providers and third party sub-contractors may treat it as non-Personal Information and use it without obligation to you, except as prohibited by applicable law.
Joey collects, retains, and uses Personal Information/Protected Health Information (PI/PHI) from users to include the following:
Federal law requires us to obtain, verify, and record personal information – such as your full name, address and date of birth – in order to confirm your identity, social security number, and banking information.
Joey collects, retains, and uses PI from employees and Sub-Contractors including the following:
We may use information about you, including your Personal Information, for any purposes consistent with our statements under this Privacy Policy or as permitted by applicable law, including to:
We may share your personal information in the following situations:
WE DO NOT SELL YOUR DATA TO THIRD PARTIES. AS A DIGITAL HEALTH COMPANY, WE FEEL THAT IT IS OUR DUTY TO PROTECT YOUR DATA TO THE GREATEST EXTENT POSSIBLE.
Under the Health Insurance Portability and Accountability Act (“HIPAA”), some health and/or health-related information that we collect as part of providing the Services may be considered “protected health information” or “PHI.” PHI is any information in a medical record that can be used to identify an individual, and that was created, used, or disclosed to a covered entity and/or their business associate(s) in the course of providing a health care service, such as a diagnosis or treatment. Protected Health Information (PHI) is the combination of health information and personally identifiable information (PII). Health information can be information that is created or received by a covered entity via any medium—verbal, written, electronically or otherwise.
What PHI do we collect? When you voluntarily provide your PHI to Us through our website or Apps and through your use of our Services, we store and maintain that PHI in our systems. Examples of PHI you may provide include:
HIPAA provides specific protections for the privacy and security of PHI and restricts how PHI is used and disclosed. Joey may use or disclose your PHI for treatment, payment, or healthcare operations purposes on behalf of covered entities, such as healthcare providers and health insurers, and other purposes permitted or required by law. We may also disclose your PHI to other companies or individuals that need the information to provide services to us. For example, we may provide information to third party companies that assist us with support or billing services now or in the future. These third parties are required by HIPAA to also keep the PHI confidential and secure.
HIPAA Acknowledgement Form
In order to obtain services with any health-related providers on the Joey platform, you will be required to e-sign a “HIPAA Acknowledgement Form” that states that you have had the opportunity to review the “Notice of Privacy Practices” document (aka “HIPAA Policy”) and that you understand how your PHI will be handled. Signing the “HIPAA Acknowledgement Form” does not mean that you agree with the policy or that you are signing away any legal rights that you might have.
The “Notice of Privacy Practices” simply states what your rights are under HIPAA and how we can use your PHI without your explicit permission, but if we wish to disclose your PHI in any other fashion outside of what is included within the “Notice of Privacy Practices,” we can only do so with your written authorization. If you do not sign the “HIPAA Acknowledgement Form, you will not be able to complete any consultations / appointments with any health-related providers.
Additionally, you may be asked by us to e-sign an authorization form (the “HIPAA Authorization Form”) that would allow Us (or the health provider) permission/authorization to disclose certain information to other parties. Your decision to e-sign the HIPAA Authorization Form is entirely voluntary. If you choose to e-sign the HIPAA Authorization, you agree that we may use and disclose your PHI in the same way we use and disclose your Personal Information that is not PHI. These uses and disclosures are described in this Privacy Policy. To the extent any provision in the HIPAA Authorization is inconsistent with this Privacy Policy, then the provisions in the HIPAA Authorization only controls with respect to your PHI. If you do not e-sign the HIPAA Authorization, then your Personal Information that is not PHI is governed by this Privacy Policy and your Personal Information that is PHI is used and disclosed by us only as permitted in accordance with our agreements with your health provider(s).
You have rights regarding the PHI that we collect. You can request that we restrict the use and disclosure of your PHI by sending a written request to legal@joinjoey.com (not HIPAA secure) or contacting us through Joey’s in-app messaging system (HIPAA secure). You can request that we send your health information by alternative means to an alternative address. Once you review your PHI, if you see any problems with your PHI, you may request amendments to your PHI by making a written request to us. We have the right to deny the request in some cases. If we deny your request to change your PHI, we will provide you with a written explanation of the reason for the denial and additional information regarding further actions that you may take. You also have the right to receive a list of certain disclosures of your PHI made by us in the past six years from the date of your written request to us at the address below. Under HIPAA, this does not include disclosures made for purposes of treatment, payment, or general healthcare operations or certain other purposes we have stated above. We are required under HIPAA to notify you in the event of a breach involving your PHI and will do so as required by law. If any HIPAA-related information in this Privacy Policy should clash or be in contradiction with our Notice of Privacy Practices (aka “HIPAA Policy”), then the Notice of Privacy Practices takes precedence.