JORO APP PRIVACY POLICY AND

NOTICE OF PRIVACY PRACTICES

 

Privacy Policy last updated: February 25, 2019

 

This Privacy Policy applies to the Joro Mobile App (“the App”), which is powered by Joro Healthcare, LLC (“Joro” or “we”). This Privacy Policy forms part of the Terms and Conditions of Use that govern your use of the App.

 

Please read this Privacy Policy carefully before using the App.

 

By downloading or using our App, you acknowledge that you have read this Privacy Policy, and agree to be bound by it.  If you do not agree to any of the terms contained in this Privacy Policy, your sole and exclusive remedy is not to use the App.

 

We are required by law to maintain the privacy of Protected Health Information (“PHI”) and to provide you with notice of our legal duties and privacy practices with respect to PHI. PHI is information that may identify you and that relates to your past, present, or future physical or mental health or condition, the provision of health care products and services to you or payment for such services. This Policy describes how we may use and disclose PHI about you, as well as how you obtain access to such PHI. This Notice also describes your rights with respect to your PHI. We are required by HIPAA to provide this Policy to you.

 

This Privacy Policy also describes other information we may collect through the App about you that may include personal contact information or technological information about your computer or mobile device.

 

We are required to follow the terms of this Policy or any change to it that is in effect. We reserve the right to change our practices and this Policy and to make the new Policy effective for all PHI we maintain. If we do so, the updated Policy will be emailed to you in advance of its implementation. You will also be notified of the updated Policy upon your next login to the App after its implementation.

 

References to “we,” “us,” and “our” include Joro Healthcare, LLC. An affiliated covered entity is a group of organizations under common ownership or control who designate themselves as a single affiliated covered entity for purposes of compliance with the Health Insurance Portability and Accountability Act (“HIPAA”). Joro, its employees, workforce members and members of the Joro affiliated covered entity who

are involved in providing and coordinating health care are all bound to follow the terms of this Privacy Policy and Notice of Privacy Practices (“Privacy Policy”). The members of the Joro affiliated covered entity will share PHI with each other for the treatment, payment and health care operations of the affiliated covered entity and as permitted by HIPAA and this Privacy Policy. For a complete list of the members of Joro’s affiliated covered entity, please contact the Privacy Office.

 

 

  1. Information We Collect and How We Collect It. We may collect different kinds of information from you in different ways. This Privacy Policy tells you about our information gathering, use, and disclosure practices and applies to information gathered through your use of this App and your electronic communications through this App. We collect information on the App in the following ways:
    • Voluntarily Provided. In order to use the App, you will be required to provide personal information, such as, for instance, your name, email address, address, phone number, etc. You choose whether to disclose this information, but you may not be able to the App without disclosing it. We may use any and all information submitted through the App for any purpose, including but not limited to using the information to address and respond to specific requests or inquiries you submit through the App, to track your rehabilitation progress, or for other medical or informational purposes. Patients using the App expressly consent to the sharing of their PHI and personal information with any person they designate as a VIP.  Any information provided through the App by a patient’s designated VIP may be shared with the patient and us.
    • Technologically Gathered. We may collect some information automatically as you navigate the App for various reasons, including for administration and troubleshooting purposes and to improve your use and enjoyment of the App. This sort of information is generally considered non-personal Information. We may combine information about your use with information about others’ use to generate aggregated Non-personal Information about users as a collective. We may also combine the information you submit through the App with information you have provided to us in another manner, and if the resulting combination contains personal information, then the combination will be treated as personal information under this policy.

We may use cookies and web beacons to understand user behavior and preferences, improve the App, and manage content. This information is not personal information; it is anonymous and it does not identify individuals. Cookies are text files that contain pieces of information that a portal/website/App transfers to an individual’s hard drive for record-keeping purposes. A cookie is created when an individual views the Joro content or product. The Joro server uses cookies to capture user movement on the App. These are persistent cookies, which remain on your computer to allow us to identify your browser, but they are not used to identify

  • Joro cookies are stored only on your device, and We do not release, trade, or sell any individual-identifying information generated from cookies.
  • We may also use mobile device IDs (the unique identifier assigned to a device by the manufacturer), instead of cookies, to recognize you. We may do this to store your preferences and track your use of the App. Unlike cookies, device IDs cannot be deleted. Device IDs may be used to track usage of the App, track the number of pages displayed, measure performance and display content that is more relevant to you.
  • Web beacons are transparent graphic images located on pages of the App. Web beacons allow us to capture the actions of users during App navigation. This helps us understand how people navigate through the App.
  • The use of cookies, pixel tags, web beacons, clear GIFs, or other similar technologies allows our third-party vendors to deliver advertisements about our products when you visit the App or other web Apps or web properties across the Internet. Our third party vendors may place pixel tags, web beacons, clear GIFs, or similar technologies on the App and other websites or web properties, and also place or recognize third-party cookies when you visit the App or other Apps or web properties. They may use information about your visits to the App and other websites or web properties to provide advertisements about goods and services that may be of interest to you.
  • We employ Google Analytics and Facebook Pixels to collect user demographics and online behaviors, which helps inform us about our users and their preferences. Our use of Google Analytics is discussed below. We also share information about your use of the Site with our social media, advertising, and analytics partners.
  1. How We Use the Information. Generally, we use information provided through the App to enhance and personalize the App; to communicate with you; to allow members of the patient’s healthcare team to track and update a patient’s progress and to communicate with the patient and his or her designated VIPs; to improve, administer, customize, and/or maintain the App; and to carry out our obligations and enforce our rights.

We may use your Personal Information and/or Non-personal Information to offer, market and advertise to you via the App and/or through email or U.S. mail. We may also communicate with you about our services and team, and about your experience with our team. We may use Non-

personal Information to conduct market research and analysis for ourselves and for others. We do not place any restrictions on the use of Non-personal Information.

  1. Disclosure of Your PHI.

The following categories describe different ways that we use and disclose your PHI. We have provided you with examples in certain categories; however, not every permissible use or disclosure will be listed in this Policy.  Note that some types of PHI may be subject to special confidentiality protections under applicable state or federal law and we will abide by these special protections. If you would like additional information about special state law protections, you may contact us at [email protected].

  • Treatment. We may use and disclose your PHI to provide and coordinate the treatment, medications and services you receive. We may also disclose your PHI with other third parties, such as hospitals, other pharmacies and other health care facilities and agencies to facilitate the provision of health care services, medications, equipment and supplies you may need. This helps to coordinate your care and make sure that everyone who is involved in your care has the information that they need about you to meet your health care needs.
  • Health Care Operations. We may use and disclose your PHI for our health care operations, including disclosure to vendors, partners, or business associates who assist us in the operation of our business. Health care operations are activities necessary for us to operate our health care businesses. For example, we may use your PHI to monitor the performance of the staff and therapists providing treatment to you. We may use your PHI as part of our efforts to continually improve the quality and effectiveness of the health care products and services we provide. We may use your PHI to create de-identified data, which is stripped of your identifiable data and no longer identifies you.
  • Legal Disclosures. We may disclose your personal information in response to a subpoena or other court order, if otherwise required by law, or in an effort to cooperate with law enforcement. We may disclose your personal information when doing so is necessary to respond to a subpoena or court order or in response to a request from law enforcement, or we may disclose your information to law enforcement to report limited information in certain circumstances. To the extent necessary to comply with law, we may disclose your PHI to worker’s compensation or other similar programs established by law. If you are involved in a lawsuit or a dispute, we may disclose your PHI in response to a court or administrative order. We may also disclose your PHI in response to a court order, a subpoena, discovery request, or other lawful process, but only if efforts have been made, either by the requesting party or us, to first tell you about the request or to obtain an order protecting the information requested. We may release PHI about you to federal officials for intelligence, counterintelligence, protection of the President, and other national security activities authorized by law.
    • VIP’s – Friends and Family. We may use or disclose your PHI to notify or assist in notifying a patient’s family member, personal representative, or another person involved in or interested in your care, regarding your location and general condition, your rehabilitation goals, and your progress. We may also share your personal information with third parties, as permitted by you. To the extent you authorize third parties to access your healthcare progress through the App and have executed a HIPPA authorization permitting us to do so, we may share your personal information with those authorize third parties.  A patient may designate which individuals to designate as VIP’s and may further designate the level of information an individual VIP should receive.  All information provided by a VIP may be shared with the designating patient and with us.
    • Specific Uses or Disclosures Requiring Authorization. We will obtain your written authorization for the use or disclosure of PHI for marketing, and for the sale of PHI, except in limited circumstances where applicable law allows such uses or disclosure without your authorization. We will obtain your written authorization before using or disclosing your PHI for purposes other than those described in this Notice or otherwise permitted by law. You may revoke an authorization in writing at any time. Upon receipt of the written revocation, we will stop using or disclosing your PHI, except to the extent that we have already taken action in reliance on the authorization.
    1. Your Health Information Rights.
    • Obtain a paper copy of this Privacy Policy upon request. You may do so by contacting us at [email protected].
    • Request additional restrictions on our use or disclosure of your PHI by sending a written request to [email protected].
    • Inspect and obtain a copy of your PHI
    • Request an amendment to your PHI if you feel that PHI we maintain about you is incomplete or incorrect
    • Receive an accounting of disclosures of PHI
    • Request communications of PHI by alternative means or at alternative locations
    • Receive notification of a breach of security and an inadvertent disclosure of your PHI.
      1. How to Manage Your Information. The mechanisms below provide you with certain options about how to exercise control over your Personal Information:
        • Information Access. Upon your request, Joro will remove your Personal Information from Joro’s records related to this Site. We cannot delete your Personal Information without deleting your account. If you wish to update/correct Personal Information you have already provided to us, or if you wish to remove your Personal Information from our records, please send your request to us via email at [email protected], or via postal mail to this address: [______________] or log in to modify your account profile page. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. If you delete publicly posted submissions from the App, copies may remain viewable in cached and archived pages, or might have been copied or stored by other users.
        • Email Marketing. We will only market to you by email if you opt-in to receive email correspondence from us. You may choose to opt out of receiving marketing emails that promote our products from us at any time by sending your request to us via email at [email protected], or via postal mail at ______________, or by using the means (such as clicking “unsubscribe”) provided in our marketing emails. Please note, however, that your opt-out will apply only to marketing emails, not email communications about your Transaction or other non-marketing correspondence.
        • Do Not Track Disclosure. Some browsers have a “do not track” feature that, when enabled, signals websites and online services that you do not wish to be tracked. Joro takes no action in response to web browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking because there is still no acceptance standard for how to respond to them.
      2. California Residents. California Civil Code Section 1798.83 permits users of the App who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to [email protected], call us at XXXXXXX or write us at:

      INSERT ADDRESS

       

      1. COPPA. This App is not intended for use by individuals under the age of 18.  If we discover that any registration is made by child under the age of 18, such registration will be immediately and permanently canceled and removed from our App, with or without notice.
      2. Security. We take certain measures to protect the security of the information. The information is stored on servers protected by physical and network security, including keys, access codes and/or passwords. Access to the servers is restricted to authorized personnel who are trained in security policy and processes.  While we take these measures, there is no guarantee that the App is error free, interruption free or free from threat of outside virus or attack, despite our efforts to safeguard your experience.
      3. Third Party Apps. This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any App or web property (including, without limitation, any application) that is available through this App or to which this App contains a link. The availability of, or inclusion of a link to, any such App or property on the App does not imply endorsement of it by us or by our affiliates.
      4. California Residents. If you are a California resident and would like a copy of a notice describing categories of information shared with third parties or contractors for direct marketing purposes and the names and addresses of such third parties and contractors that received information in the past year, please submit a written request to [email protected] or [INSERT ADDRESS].
      5. Right To. To the extent that we process personal data as explained above to safeguard our legitimate interests, you can object to this processing with effect for the future. If the processing is for direct marketing, you can exercise this right at any time as described above. Insofar as the processing takes place for other purposes, you are only entitled to a right of objection if there are reasons that arise from your particular situation. After exercising your right to object, we will not further process your personal data for these purposes, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or if the processing of the assertion, exercise or defense of legal claims serves. This does not apply if the processing is for direct marketing purposes. Then we will not process your personal data for this purpose.
      6. Data Retention. We generally keep Personal Information received long enough to perform the requested services or for a period required by contract, law or regulation. We generally keep Personal Information we collect from you for a period of two years from its last use and if it is not in use with a specific program at that time, we will destroy it.
      7. Modifications. We may modify this Privacy Policy from time to time in our sole discretion. If we make a material change to this Privacy Policy, we will contact registered users by email prior to the enactment of the amendments to the Privacy Policy. If this policy changes, the “Date last updated” at the top of this page will change.  By continuing to use our App after such notice, you are bound by this Privacy Policy as modified.
        1. and network security, including keys, access codes and/or passwords. Access to the servers is restricted to authorized personnel who are trained in security policy and processes.  While we take these measures, there is no guarantee that the App is error free, interruption free or free from threat of outside virus or attack, despite our efforts to safeguard your experience.
        2. Third Party Apps. This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any App or web property (including, without limitation, any application) that is available through this App or to which this App contains a link. The availability of, or inclusion of a link to, any such App or property on the App does not imply endorsement of it by us or by our affiliates.
        3. California Residents. If you are a California resident and would like a copy of a notice describing categories of information shared with third parties or contractors for direct marketing purposes and the names and addresses of such third parties and contractors that received information in the past year, please submit a written request to [email protected] or [INSERT ADDRESS].
        4. Right To. To the extent that we process personal data as explained above to safeguard our legitimate interests, you can object to this processing with effect for the future. If the processing is for direct marketing, you can exercise this right at any time as described above. Insofar as the processing takes place for other purposes, you are only entitled to a right of objection if there are reasons that arise from your particular situation. After exercising your right to object, we will not further process your personal data for these purposes, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or if the processing of the assertion, exercise or defense of legal claims serves. This does not apply if the processing is for direct marketing purposes. Then we will not process your personal data for this purpose.
        5. Data Retention. We generally keep Personal Information received long enough to perform the requested services or for a period required by contract, law or regulation. We generally keep Personal Information we collect from you for a period of two years from its last use and if it is not in use with a specific program at that time, we will destroy it.
        6. Modifications. We may modify this Privacy Policy from time to time in our sole discretion. If we make a material change to this Privacy Policy, we will contact registered users by email prior to the enactment of the amendments to the Privacy Policy. If this policy changes, the “Date last updated” at the top of this page will change.  By continuing to use our App after such notice, you are bound by this Privacy Policy as modified.

        If you have questions about this Privacy Policy, you may contact us at [email protected]. We will use reasonable efforts to respond promptly.