Ensuring Your Security and Privacy Within HealthJoy
At HealthJoy, we believe that privacy is your fundamental right.
We design our technical systems, processes, and services to protect your information. We understand that your healthcare data is the most personal information possible and take extreme care when working with it. We never share a member’s data with their employer, spouse or any other third-party without consent.
We are compliant with all federal privacy laws including the Health Insurance Portability and Accountability Act (HIPAA) which has strict guidelines on how to handle data.
Only You Can Access Your HealthJoy Account
You can secure your HealthJoy account easily with a password that meets best practices in use today – i.e. at least eight characters long that contains digits, alphanumeric, and standard characters. You can also use advanced security technologies such as Touch ID or Face ID to log into your account.
Your employer may also enable two-step authentication for an added level of security. We even monitor your account and let you know if your password is compromised.
Your Healthcare Data Belongs to You
We understand that when it comes to your health and health records, these are private matters. We will not share your data with your employer except where required to deliver a service to you, like HealthJoy Rewards. Data we may share with an employer is aggregated data that’s anonymous, to protect privacy. An employer will never see your health record.
All aggregated data presented is based on the entire employee population, so your employer might view how many online medical consultations happened in April for the whole company, but they will never know you performed five for your family that month. HealthJoy doesn’t gather personal information to sell to advertisers or other organizations.
Our Approach to Data
We are serious about cybersecurity, our data, and how the handling of that data complies with HIPAA. Data transmitted and stored by our app is encrypted using the latest encryption standards. HealthJoy has achieved the Type II SOC 2 attestation, which is an annual third-party auditing procedure that affirms how well we securely manage and process your data.
Robust Employee Training
Our employees provide you and your family with confidential, one-on-one help in navigating the complex healthcare system. They are trained to work with providers, facilities, insurance companies, and other health-related organizations to resolve complex issues.
They also go through extensive training on HIPAA and how to handle any data. If at any point they need to work with a third-party on your behalf with sensitive information, they will get your approval. Every one of our employees understands the trust our members place in us each day.
Your Transactions are Safe
Your peace of mind is our highest priority. Our app connects with third-party financial accounts including 401k, HSA, FSA, HRA and many more. We use cutting-edge technology to ensure your personal information is fully encrypted and securely stored.
For members with high deductible health plans that have a medical consultation fee, we utilize Stripe.com, a PCI Service Provider Level 1, that manages billions of dollars every year in transactions for the largest companies in the world. Our company never stores your financial information on our servers.
Only The Best Partners in the Business
Your mother was right. People judge by who you associate with, and we take that to heart. We only work with companies that handle your data with care. We make sure through both process and technology that we treat all information correctly. We require HIPAA business associate agreements (BAA) with each of our partners to maintain PHI security and overall HIPAA compliance.