Yosi Service and associated functionalities and are not meant for use by children. By accessing, using and/or submitting information into the service, you undertake that you are 13 years of age or older. If we discover that a registered user is under the age of 13 years, we will promptly notify said user and proceed to delete the records from the Yosi database.
What Categories of information do we collect?
We may collect personal identification information such as but not limited to, name, phone number, email address, address, gender, date of birth, health insurance details from Users in a variety of ways, including, but not limited to, when Users visit our Site, register on the Site, download and register with the Yosi App, register with YosiMD at the doctor’s office, subscribe to the newsletter, respond to a survey, fill out a form, and in connection with other activities, services, features or resources we make available on our Site and/or the Yosi App and YosiMD.
Users may be asked for, as appropriate, name, email address, mailing address, phone number. We collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply Personally Identifiable Information (PII), and/or Protected Health Information (PHI) except that it may prevent them from engaging in certain Site and/or Yosi App related activities.
Users may voluntarily supply Yosi with the following aspects of Personally Identifiable Information(PII) and/or Protected Health Information (PHI) in order for Yosi to to provide its primary purpose functionalities. The User’s decision not to provide this information may affect their ability to avail of some of functionalities offered through The Service:
a. Users phone number – This information is collected either voluntarily from the User or from their healthcare or social care provider. Users may receive text messages from their healthcare provider or the social worker via the Yosi Service. Users sharing their phone numbers with their health care provider or their social worker will be considered as implicit permission to receive text messages from The Service on behalf of these entities. Based on this implicit permission (in some renderings of The Service where the partner entity requires us to do so) Yosi will send an initial Subscribe/Unsubscribe text message which gives the User the option to stop receiving any further text messages. When the User explicitly shares this information with The Service, they consent to a default set of texting options which, where applicable, they can alter from within The Service (some renderings of The Service are mainly informational in nature and rely on the User’s preferences to disseminate relevant information to the User’s devices. In these renderings the User has the ability to modify their text messaging preferences from within The Service.)
c. Protected Health Information such as, but not limited to medical history and medications, past surgeries, allergies and past medical visits.
d. If you have opted to aggregate your Health Kit ® or Google Fit ® data into the Yosi App, we may collect this information on your behalf.
Users may also provide us with electronic signatures (or esign) in different sections of the Yosi Service. The signature may be collected in the form of actual signature placed by the user on a touchscreen device (with or without the assistance of a pointing device), placing an image of the user’s signature where required and/or electronic acknowledgement (by performing an action on the service) which can be construed as e-signature due to the unique nature of the login credentials provided to each user. The user acknowledges that in providing such electronic signature, they have read and understood the particular section to which the esign pertains and that their electronic signature can and will be used in lieu of their signature on paper (the use of which the Yosi service is striving to eliminate)
Non-personal identification information:
We may collect non-personal identification information about Users when they interact with Yosi.. Non-personal identification information may include the browser name, the type of computer and technical information about Users’ means of connection to our Site and/or the Yosi App, such as the operating systems, the device Ids, location, the Internet service providers utilized, and other similar information.
Web browser cookies
The Yosi Service stores a cookie on your computer if you have cookies enabled. If you do not have cookies enabled, you may not be able to use some features of the Yosi Service. A cookie is simply a text file, which indicates your Yosi session identification number. This cookie will only be returned to our server if your browser is set to allow sending of cookies (you can also set it to check for permission before sending cookies).
Some web browsers incorporate a Do Not Track (DNT) or a similar feature to signal to website operators that the User does not want his/her activities tracked. However, there is currently no industry consensus as to what constitutes a DNT signal and/or the essential/non-essential activities that it may be signaling the website operators to stop tracking. For these reasons many website operators including Yosicare.com do not act on DNT signals. For more information on DNT signals, please visit http://allaboutdnt.com.
What guidelines do we use to protect your personal information?
Some of the Protected Health Information (PHI) and Personally Identifiable Information (PII) that we collect are protected under the HIPAA (Health Insurance Portability and Affordability Act) of 1996, more specifically under section 13410(d) of the HITECH (Health Information Technology for Economical and Clinical Health) Act. Yosi’s disclosure of your PHI is strictly guided by these federal rules which require us to obtain specific permission before any disclosure of your PHI.
How we use collected information
Yosi may collect and use Users’ personal information for the following purposes:
Improve customer service – Information you provide helps us respond to your customer service requests and support needs more efficiently.
Facilitate user transaction – Yosi Service may send the user, emails or text messages to directly facilitate communication between the user and any of their health care providers such as but not limited to medical practices, pharmacies, labs and other associated health care establishments with whom the user is seeking to transact. Your healthcare provider may also contact you directly or via the Yosi Service to communicate transaction related alerts including but not limited to your appointment scheduling, prescription pickup notice, lab result availability and any other related notification.
Personalize user experience – We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.
Improve The Service – We may use feedback you provide to improve our products and services.
Run a promotion, contest, survey or other Site feature – To send Users information they agreed to receive about topics we think will be of interest to them.
Send periodic emails or text messages – We may use the email address and or mobile phone numbers to send the User, information and updates pertaining to their profile and their activities, including but not limited to, text messages on behalf of the User’s healthcare provider regarding upcoming appointments or medication reminders. It may also be used to respond to the User’s inquiries, questions, and/or other requests. If User decides to opt-in to our mailing list, they will receive emails and/or text messages that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails or text messages, they may do so by contacting us via our Site. Text messages sent on behalf of User’s health care provider are governed by their texting policies and are not subject to Yosi opt-out.
Yosi may also contact you via push notifications for important reminders and product updates. Explicit permission is sought for use of this mechanism through the mobile operating platforms. At any time during the use of the Yosi App you have the option of activating or deactivating this option from the mobile platform’s settings menu. However, in doing so, you may lose the ability to avail of some advanced features and services provided by Yosi.
How we disclose collected information
With Yosi, at all times, you control your profile and to whom your Protected Health Information is sent. You should check with your healthcare provider (with whom you may have instructed Yosi to share your PHI) to understand how they protect the privacy of your information once it is shared with them.
You own your PHI and can at any point, decide which portions of this information can be shared, and with whom. Please check the following link for more information on your rights as a patient.
Additionally Yosi may disclose Protected Health Information (PHI) under the following circumstances:
Required by law. Disclosures of PHI are permitted when required by other laws, whether federal, tribal, state, or local.
Public health. PHI can be disclosed to public health authorities and their authorized agents for public health purposes including but not limited to public health surveillance, investigations, and interventions.
Abuse, neglect, or domestic violence. PHI may be disclosed to report abuse, neglect, or domestic violence under specified circumstances.
Law enforcement. Under specified conditions, disclosure of PHI to law enforcement officials is permitted pursuant to a court order, subpoena, or other legal order such as a search warrant or arrest warrant, to help identify and locate a suspect, fugitive, or missing person; to provide information related to a victim of a crime or a death that may have resulted from a crime, or to report a crime.
Judicial and administrative proceedings. A covered entity may disclose PHI in the course of a judicial or administrative proceeding under specified circumstances.
Oversight. Covered entities may usually disclose PHI to a health oversight agency for oversight activities authorized by law.
Worker’s compensation. The Privacy Rule permits disclosure of work-related health information as authorized by, and to the extent necessary to comply with, workers’ compensation programs.
When you register for the Yosi Service, you agree to authorize disclosures by Yosi to provide you with the primary purpose services of Yosi, and under the legal, regulatory and public health situations enumerated above. Yosi reserves the right to share aggregated information with third parties in which case personal information about you will never be disclosed.
Individuals have a right to an accounting of the disclosures of their protected health information by Yosi. The maximum disclosure accounting period is the six years immediately preceding the accounting request.
How we protect your information
Yosi is committed to the safety and security of your personal information. At Yosi, we maintain physical, electronic and procedural safeguards that comply with federal standards to guard your personal information. When you enter personally identifiable information on our registration page, we encrypt that information using at least 128-bit secure socket layer technology (SSL). The Yosi database is physically protected at a secure, third party site and is monitored by security personnel on a 24X7 basis. Only authorized personnel can access the data center, and they must submit to multiple forms of identification including biometric authentication.
Any information that is transmitted from and in between the Yosi Service and the central database or to the customer’s devices, is encrypted both in-motion and at-rest. Additionally all PII and PHI stored in the Yosi database is masked in order to ensure that at no time, Yosi personnel will have a view of customers’ personal information unless specifically requested by the customer for the purposes of troubleshooting or to provide specific forms of customer service. Any access to the data is strictly controlled by a role-based permission mechanism. Each role is thoroughly analyzed to ensure only the most essential data access permissions are granted to it.
Yosi personnel also undergo periodic training on the procedural safeguards required to ensure the safety of customer information. These training include password protection practices, office equipment safeguards and training on the types of data that are deemed sensitive. Periodic disaster recovery tests and penetration tests are conducted to ensure that the Yosi Service is able to recover from equipment failures, network events etc. (not including natural calamities and ‘acts of god’) and to ensure that the latest intrusion techniques are safeguarded against. Policies and procedures are also in-place to ensure that the Yosi equipment and software are periodically patched for latest hardware and software updates and also to keep up with latest antivirus updates.
While every effort has been made to ensure the safety of your personal information, no procedure or technology is a 100% dependable. Consequently, Yosi cannot and does not guarantee the security of your personal information. In the highly unlikely event of a data breach or unauthorized disclosure of your personal information, Yosi commits to inform you as to the timing, nature and the extent of said disclosure (to the extent known to us) as soon as reasonably possible and to the extent required and permitted by law. We will also notify you of the steps we have taken to contain the breach and to prevent similar breaches in the future, and the steps you can take to protect yourself.
Retention of personal information
In connection with your use of the Yosi service, Yosi will collect and retain your personal information that you provided directly to Yosi, for as long as you are an active User of Yosi. Should you decide to cancel the Yosi service, we will discontinue the collection of information. We reserve the right to retain the information collected up to the date of your cancellation of the Yosi service for as long as is legally required. This requirement is governed by state laws. New York State law requires medical records be retained for a period of 6 years for adults and in case of minors, for a period of 6 years plus 1 year after the minor User turns 18. This data will continue be maintained under the same security and privacy controls that are in place for active Yosi users until such time that it can be safely deleted.
How to change the personal information previously disclosed
The Yosi Service includes a user profile update form for reviewing or updating personal information provided. If your personally identifiable information provided to Yosi changes, or if you no longer desire our service, you may correct or delete it by logging into Yosi and selecting the appropriate choice on the Yosi menu.
Third party websites
Users may find advertising (“ads”) or other content on our Site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control tracking mechanisms or the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies which may also change from time to time. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website’s own terms and policies.
Your acceptance of these terms
205 E 42nd St Floor 14 New York NY 10017
Phone: (917) 669-9765
This document was last updated on February 2019