GDPR Checklist
How do you collect personal data?
We collect information from individuals in any of the following circumstances:
They sign up for a newsletter or other information.
They apply for a scholarship for one or more of our educational programs.
They choose to enroll in one or more of our educational programs.
How and where is this information stored?
We store any personal information in our secured data management software. Patient information is protected health information (“PHI”) under HIPAA and state law and is stored by us in a HIPAA compliant manner.
How is customer information used once it is collected?
For patients: to establish a new doctor-patient relationship through the Marni Chanoff, MD website linked to this Joy In Health website.
For non-clients/non-patients: to provide them access to our educational programs, newsletters or other publicly available information. To the extent a non-client user/non-patient user shares PHI, this is protected in a HIPAA compliant manner.
How is customer information secured?
Visitor and patient information is only stored on private, password and/or access- protected servers or websites. Protected health information is stored in a HIPAA compliant manner.
Is customer data transferred to other organizations or countries?
We do not share customer data or protected health information.
Who in your organization can access the personal data?
Only Dr. Marni Chanoff and employees or designated agents of Joy in Health can access personal data.
What Personal Information About Customers Does Joy in Health Collect?
For non-clients/non-patients: We collect usernames and email addresses.
For participants in our educational programs: We collect name, address, email and telephone information. We may collect protected health information from non-client/non-patient participants.
For patients: We receive the protected health information visitors provided to us through the Marni Chanoff, MD website linked to this Joy In Health website.
For What Purposes Does Joy in Health Process Its Visitors’ Personal Information?
For non-clients/non-patients: We use customer information to deliver our educational programs, newsletters or other information.
For patients: We use protected health information to establish a patient-doctor relationship through the Marni Chanoff, MD website linked to this Joy In Health website. Any protected health information is governed by HIPAA compliant privacy terms.
Provide, troubleshoot, and improve our Services: We use customer information to provide functionality, analyze performance, fix errors, and improve the usability and effectiveness of our website.
Communicate with you. We use customer information to communicate with you about our products and services.
What about Third-Party Advertisers and Links?
We do not currently advertise for any other company or have links to their websites.
What Information Can I access?
For non-patients: once you enter and upload your information you can no longer access it.
For patients: Patients can at any time access their information to update their information.
What Choices Do I Have?
You will only receive our newsletter or marketing information if you opt-in to receive it. There is an opt-out option on all emails sent by Joy in Health. Visitors can always contact us directly to request that we delete any of their personal information.
How Long Do We Keep Your Personal Information?
We do not automatically terminate visitor accounts or delete personal information on a set schedule. However, any patient or non-patient may contact us at any time to have their personal information removed from our systems and/or patient records transferred to another healthcare provider.
Contacts, Notices and Revisions
If you have any concern about privacy at Joy in Health or want to contact us about your personal information, please contact us with a detailed explanation and we will try to resolve the issue for you. Unless stated otherwise, our current Privacy Notice applies to all information that we have about you and your account. There are also separate HIPAA compliant Privacy Policies that apply to protected health information of patients.