Ensuring Your Security and Privacy Within HealthJoy

At HealthJoy, we believe that privacy is your fundamental right. We design every technical system, process, service from the ground up to protect your information. We understand that your healthcare data is the most personal information possible and take extreme care when working with it. We never share a member’s data with their employer, spouse or any other 3rd party without consent. We are 100 percent compliant with all federal privacy laws as well as the Health Insurance Portability and Accountability Act (HIPAA) which has strict guidelines on how to handle data. 

Only You Can Access Your HealthJoy Account

You can secure your HealthJoy account easily with a password that meets password best practices in use today- i.e. at least eight characters long that contains digits, alphanumeric and standard characters. You can create millions of possible combinations. You can also use advanced security technologies such as Touch ID or Face ID to log into your account. Your employer may also enable two-factor authentication for an added level of security. We’ll even monitor your account and let you know immediately if your password is compromised.

Your Healthcare Data Belongs To You

We understand that when it comes to your health and health records, these are private matters. We will never share your data with your employer, under any circumstance. The only data we may share with an employer is aggregated data that’s 100 percent anonymous to protect privacy. An employer will never see your health record. All aggregated data presented is based on the entire employee population, so your employer might view how many online medical consultations happened in April for the whole company, but they will never know you performed five for your family that month. HealthJoy doesn’t gather personal information to sell to advertisers or other organizations.

Fort Knox Approach To Data

We are serious about cybersecurity, our data and how the handling of that data complies with all HIPAA federal requirements and we take it much further. We only use 256-bit encryption within our app and to store all data. Our data center is SOC2 compliant. SOC2 is an auditing procedure that ensures your data is securely managed and processed.

Robust Employee Training

Our employees provide you and your family with confidential, one-on-one help in navigating the complex healthcare system. They are trained to work with providers, facilities, insurance companies, and other health-related organizations to resolve complex issues. They also go through extensive training on HIPAA and how to handle any data. If at any point they need to work with a 3rd party on your behalf with sensitive information, they will get your approval and will not proceed without it. Every one of our employees understands the trust our members place in us each day.

Your Transactions Are Safe

Your peace of mind is our highest priority. Our app connects with 3rd party financial accounts including 401k, HSA, FSA, HRA and many more.  We’re serious about security and use cutting-edge technology to ensure your personal information is fully encrypted and securely stored. For members with high deductible health plans that have a medical consultation fee, we utilize Stripe.com, a PCI Service Provider Level 1, that manages billions of dollars every year in transactions for the largest companies in the world. Our company never stores your financial information on our servers.

Only The Best Partners In The Business

Your mother was right, people judge by who you associate with, and we take that to heart. We only work with companies that are entirely HIPAA compliant that handle your data with care. We make sure through both process and technology that we treat all information correctly. We require HIPAA business associate agreements (BAA) in place with each of our partners to maintain PHI security and overall HIPAA compliance