JOURNI, Inc. PRIVACY NOTICE

We, at Journi, Inc. (“Journi”), know you value your privacy. That is why we are committed to the confidentiality and security of your personal information.  We maintain physical, administrative and technical safeguards to protect against unauthorized access, use, or disclosure of your personal information, including information we share internally either orally, electronically, or in writing.  This policy applies specifically to Journi’s use and disclosure of your data with regard to this mobile application (the “App”) or any service Journi provides you including customer support.

Health Insurance Portability and Accountability Act (HIPAA)

The Journi App is not a HIPAA covered entity.  In some cases, Journi acts as a business associate to a HIPAA covered entity (for example, a provider or a Group Health Plan).  When Journi is acting in its business associate capacity, it protects and uses data in accordance with HIPAA requirements.

When you provide consent to add your data to Journi’s Care Timeline and Consumer App Services, Journi is not a covered entity or a business associate and is not subject to HIPAA.  Journi protects your data in accordance with our Privacy Policy and Terms of Use.

Third Parties

The Journi App may provide links to Third-Party Partner services. Once you leave the Journi App, you are subject to the Third-Party Partner’s terms of use, privacy policy, and any other disclosure the Third-Party Partner makes.  We are not responsible for the content, security, or the privacy practices of Third-Party Partners.  Review the privacy statement and any terms of use of each Third-Party Partner you visit.

See the Journi Terms of Use to link to Third-Party Partner terms, privacy policies, and disclosures.

Data we collect

We need some information from you so that you can create an account with the App, such as your name, email address, password, date of birth and phone number. 

You have the choice to authorize your health plan, providers, or other third parties who maintain your health and wellness data to send your data to Journi. We may collect your health plan or provider ID number or necessary credentials to allow the third party to identify and authenticate you.  Once your data is provided to you through this App, we will use and share your data in the ways described below and in the Journi Terms of Use.

If you choose to connect your account on the App to your account on another Third-Party Partner service, we may receive information from that Third-Party Partner service depending on the information available from that service.  You can stop sharing the information from the other service with us by removing our access to that other service.

Journi will use other sources of data, including purchased data, to enrich and inform your consumer healthcare journey.

Use: How we use your data internally

Our App is used primarily to provide you with a clear picture of your care history, examine and draw conclusions based on your health information, and provide you with insights and suggestions to better manage your health.    

We collect and use your identifiable data (data, such as your name, phone number, email, address, or health services and conditions that can be used on its own or with other information to identify you) to:

  • Provide the primary service of the App
  • Communicate with you, make recommendations, and to send you alerts and notifications
  • Develop specific programs and materials that are relevant to you
  • Support company operations (e.g., quality control, fraud detection, training)
  • Develop and improve new and current products and services (e.g., analytics, build and test data science models, reporting)

Share: How we share your identifiable data externally with other companies or entities

We share your IDENTIFIABLE data to:

  • Provide the primary service of the App
  • Provide additional services you choose to use
  • Develop specific programs and materials that are relevant to you
  • Support company operations (e.g., quality control, fraud detection, training)
  • Develop and improve new and current products and services (e.g., analytics, build and test data science models, reporting)  

We will not share your identifiable data with employers.

We share your AGGREGATE or de-identified demographic, health, cost, utilization and engagement data with:

  • Employers
  • Third-Party Partners
  • Affiliated companies

Third parties receiving aggregate and de-identified data will be obligated by contract to protect the data they receive, will not have permission to re-identify it, and will not have permission to sell or share the data.

Sell: Who we sell your data to

  • We DO NOT sell your data

Store: How we store your data

  • We store limited data on your device in order to improve app performance.  We also store your data outside the device at our company or through an Infrastructure Vendor, including cloud-based providers.

Encryption: How we encrypt your data

Encryption means: a method of converting an original message of regular text into encoded text in such a way that only authorized parties can read it.

We encrypt your data in the App

  • Yes, automatically

We encrypt your data when stored on our company servers or with an outside cloud computing services provider

  • Yes, automatically

We encrypt your data while it is transmitted

  • Yes, automatically

Deactivation: What happens to your data when your account is deactivated

Deactivation means: You take action to deactivate your account, or a company ceases operation or deactivates an individual’s account due to inactivity. 

To stop sharing or delete information from your insurance carrier, you may go to the App settings and choose to stop sharing data.  When you stop sharing the data, you will not receive any new information from your carrier.  The data already in the App will remain.

You may delete the data you have consented to share with Journi (your claims data, health data, wearable device data, etc.) by contacting Customer Support.  When you request Journi to delete your data, it will be deleted within 60 days after your request.

If you previously chose to share your data with other Journi users or other Third-Party Partners, your request will not affect data shared before Journi received your request for data deletion.

Journi will permanently retain the information used to create your account (name, email address, password, date of birth and phone number) and data collected as part of your interactions with Journi (for example, when you gave or revoked permission to connect your health plan data).

Device Data: How this App accesses other data

The Journi App requests access to other device data or applications, such as your phone’s camera, photos, or contacts only with your permission.

It may connect to:

  • Camera or Photos in order for you to upload a photo of a bill or information to add to your care timeline
  • Location services in order to provide you with care resources near your location or ensure providers you interact with are licensed to practice in your location
  • Microphone in order to facilitate conversations with care partners
  • Health monitoring devices, contacts, or device data (device and application identifiers, cookies, etc.)

You can check your settings, including permissions set as a default in your device’s “Settings” function.  If you have any questions about the privacy settings of your device, please contact the manufacturer or your mobile service provider for help.

Social Media: How this technology interacts with Social Media

The Journi App does not allow you to share the collected data with your social media accounts, like Facebook, Instagram, Twitter, or other social media platforms.

User Options: What you can do with the data that we collect

The Journi App allows you to access and share the data we have about you.  If you have concerns about the accuracy of your data, send questions to help@journi.com

You can also edit certain types of data such as entering in additional information about your care team and personal health history.

Policy Changes: How we will notify you if our privacy policy changes

We reserve the right to change our privacy practices and this notice at any time without advance notice.  We will notify you of any material changes to this policy and as required by law and give you an opportunity to review the revised policy before deciding if you would like to continue to use the App.

Breach: How we will notify you and protect your data in case of an improper disclosure

Journi complies with all applicable laws regarding breaches.  In the event of a breach (unauthorized disclosure that meets the definition of a breach), we will contact you by using the information you provided to create your account.    

How to contact us

If you have questions about this policy, or about our use of your information, please contact us at help@journi.com or by writing Journi, PO Box 1271, Portland, OR  97207.

Effective Date of Policy: August 21, 2019

California Consumer Privacy Act 

California Citizen Rights

Individuals who reside in the state of California, a "consumer," as that term is defined under California law, have additional rights reserved under the California Consumer Privacy Act (CCPA) and the California Shine the Light Law: 

Protected Health Information Excluded

Any personal information you provide or that we collect in connection with administering or providing your healthcare benefits, or your status as a member of one of our health plans in conection with your healthcare, will be handled in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Federal Standards, which preempts and is excluded from the requirements of the CCPA. 

Right to Opt-Out 

We do not sell personal information. 

Right to Request Personal Information

You have the right to request the categories of personal information, as detailed under the CCPA, we have collected and stored for you. 

Right to Delete Personal Information

You have the right to request we delete personal information we, or our service providers, store about you. Please keep in mind our response to such a request may include an explanation of the business purpose under which we may retain your information (for example, we would need to retain copies of a business transaction for financial records) in accordance with the CCPA. 

Non-Discrimination

If you elect to exercise any rights under this section of our Privacy Statement, we will not discriminate or retaliate against you. 

If you are a California consumer and have additional questions based on this section of our Privacy Statement, please use this web form, email us at help@journi.com or by writing Journi, PO Box 1271, Portland, OR 97207. Also, be sure to check this If you have questions about this policy, or about our use of your information, 7policy for updates as we will review it at least every 12 months and make updates as necessary. 

Identity Verification Requirement

We are required by law to verify that any data access request submitted under the authority of the CCPA was made by someone with the legal right to access the persoal information requested. Therefore, prior to accessing or divulging any information pursuant to a data subject access request, under the terms of the CCPA, we may request that you provide us with additional information in order for us to verify your identity and legal authority. 

Access Request Reponses

Under the CCPA, there may be certain circumstances where we would deny your request to access, receive, or delete personal information we hold. For example, we would deny requests where any such access or disclosure would interfere with our regulatory or legal obligations or where we cannot verify your identity. We also have the ability under the CCPA to deny requests if it would result in our disproportionate cost or effort. However, even where we will not substantively complete a request made under the CCPA, we will still provide a response and explanation to your request wihtin a reasonable time frame as required by law. 

Contact Us 

To make requests please contact us at help@journi.com with "CCPA Personal Information Request" in the subject line and provide us with full details in relation to your request, including contact information and any other detail you feel is relevant. 

Effective Date: August 21, 2019

Last Updated: November 22, 2019