J2 Health, Inc. ("J2," "we," "us," or "our") is a health technology company that helps health insurance plans, health systems, regulators, employers, brokers, and consultants build, monitor, and manage provider networks. Our cloud-based platform allows users to evaluate and improve their provider networks through proprietary analytics, reports, and workflow automations.
We understand that you care about your personal privacy, and we take that seriously. This Privacy Statement describes J2's policies and practices regarding the collection, use, disclosure, and protection of personal data, and sets forth your rights with respect to that data. We recognize that information privacy is an ongoing responsibility, and we will update this Privacy Statement from time to time as we adopt new data practices or as the law evolves.
This Privacy Statement applies to:
This Privacy Statement does not govern:
J2 is headquartered in New York, New York, in the United States. J2 has designated an internal privacy officer to receive questions and complaints regarding J2's personal-data practices and to facilitate the exercise of privacy rights.
Privacy Officer
Nick Bernold
J2 Health, Inc.
244 Fifth Avenue, Suite A241
New York, NY 10001
Email: privacy@j2health.com
Phone: (929) 464-7976
For security incidents or vulnerability reports, please contact security@j2health.com.
The categories of personal data we collect, and how we use them, depend on how you interact with J2.
When you request a demo, attend a webinar, or otherwise communicate with us, we may collect information such as:
We use this information to:
Like most websites, the Site automatically collects certain information when you visit, including:
We use this information to operate and secure the Site, diagnose technical issues, analyze trends and visitor preferences, measure marketing effectiveness, and improve the content and design of the Site.
From time to time, J2 receives personal data about individuals from third parties — for example, sales-intelligence platforms, professional networks (such as LinkedIn), industry-event organizers, partners, and publicly available sources. Information we receive from third parties typically includes additional context about your role, employer, or industry. We use it to enrich our customer-relationship-management (CRM) records and to send relevant business communications.
To build and maintain the J2 Provider Universe — our proprietary dataset of U.S. healthcare providers used to power adequacy scoring and gap-fill recommendations — J2 aggregates information from public and licensed sources.
Provider Universe data consists of professional, business-context information about healthcare providers (NPI, name, practice address, phone number, specialty, taxonomy, group affiliation, and similar). It does not include patient or member information.
J2 has a legitimate interest in understanding how prospects, customers, partners, and other professional visitors use the Site. This helps us deliver relevant content, measure engagement, support our customer-success and sales teams, and continuously improve the Site.
The Site is intended for business users — primarily individuals acting on behalf of health plans, health systems, regulators, employers, brokers, consultants, providers, and similar organizations. The Site is not directed to consumers, patients, or children under 18, and we do not knowingly collect personal information from such individuals through the Site.
The Site is not an authorized channel for submitting Protected Health Information (PHI), member-level data, or other regulated personal data. Such data should only be transmitted through contracted ingestion paths (e.g., the Services UI or J2-provisioned secure file transfer) and only under an executed BAA where applicable.
The Site uses cookies, pixels, tags, and similar tracking technologies operated by J2 and by analytics, marketing-automation, and advertising vendors (for example, web-analytics, CRM, and product-analytics tools). These technologies help us understand how visitors arrive at and use the Site, remember preferences, measure marketing effectiveness, and improve the user experience.
Where required by applicable law, we will request your consent before setting non-essential cookies. You can accept, reject, or manage cookies through any banner we present and through your browser settings. Disabling cookies may affect the functionality of the Site.
J2 hosts the Services on Google Cloud Platform (GCP) infrastructure located in the United States. Within the Services, our customers (typically health plans and health systems) upload provider-network data, member geographies, and other inputs needed to compute network adequacy and related analytics.
In most engagements, J2 does not require Protected Health Information (PHI) or member-level identifiers to deliver the Services — adequacy analysis is performed against provider rosters and de-identified or aggregated member-geography inputs. Where a customer chooses to send PHI, J2 will only receive and process that PHI under an executed Business Associate Agreement (BAA), and J2 will use and disclose PHI only as permitted by HIPAA and the BAA.
If you are an end user of the Services and have questions about how your organization's data is processed, please contact your organization's privacy officer in the first instance.
J2's AI Calling Assistant places automated outbound telephone calls to provider offices to verify professional information such as appointment availability, accepted insurance, address, and similar practice details, on behalf of J2 customers and J2's own data-quality operations. These calls are conducted in a professional, business-to-business context.
When we make these calls:
We do not sell personal information. We share personal data only as described below:
We may also share aggregated or de-identified information that cannot reasonably be used to identify any individual for product, marketing, research, and reporting purposes.
The Site may include integrations with or links to third-party services (e.g., LinkedIn, X/Twitter, video-hosting platforms). If you choose to interact with those services, the relevant third party's privacy policy will apply.
Depending on where you live, you may have the following rights with respect to personal data J2 holds about you:
To exercise any of these rights, contact us at privacy@j2health.com. We may need to verify your identity (and, for requests submitted by an authorized agent, the agent's authority) before responding. Reasonable access will be provided at no cost. If we cannot fulfill a request within a reasonable time frame, we will let you know when to expect a response. If we deny a request, we will explain why.
If you are an end user of the Services and your request relates to your employer's data, we will refer the request to your employer (the controller / covered entity) and assist them in responding.
Marketing opt-out. You can unsubscribe from J2 marketing emails at any time using the "unsubscribe" link in the email or by emailing privacy@j2health.com. We will continue to send transactional and service-related communications (e.g., security notices, contract notices) as needed.
When J2 acts as a Business Associate under HIPAA on behalf of a covered-entity customer, our use and disclosure of PHI is governed by the Business Associate Agreement (BAA) with that customer and by the HIPAA Privacy and Security Rules. In that role:
Residents of California, Virginia, Colorado, Connecticut, Utah, Texas, and other U.S. states with comprehensive privacy laws may have additional rights regarding personal information J2 collects about them in their personal capacity (for example, as a Site visitor or job applicant). These rights generally include the right to know, access, correct, and delete personal information, and to opt out of the "sale" or "sharing" of personal information and certain targeted advertising and profiling.
J2 does not sell personal information for monetary consideration, and we do not knowingly engage in "sharing" personal information for cross-context behavioral advertising in a manner that triggers an opt-out right under the California Privacy Rights Act (CPRA), beyond what is disclosed in our Cookies section.
Much of the data we process about individuals in a workforce or business-to-business context is exempt or partially exempt under these laws. Information we process as a service provider, processor, or business associate on behalf of a customer is governed by our contract with that customer.
To exercise a state-law right, email privacy@j2health.com. We will not discriminate against you for exercising any privacy right.
J2 maintains an information-security program designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. Key controls include:
Encryption, access controls, secure cloud infrastructure, monitoring and logging, personnel following privacy protocols and confidentiality obligations, Sub-processors reviewed for security and privacy postures.
No system can be guaranteed to be 100% secure. If you have reason to believe your interaction with J2 is no longer secure, please contact security@j2health.com immediately.
Personal data is stored on J2's systems and on the systems of cloud and SaaS sub-processors located in the United States.
For specific questions about retention or to request deletion, contact privacy@j2health.com.
The Site and the Services are intended for business users and are not directed to children. We do not knowingly solicit or collect personal information from children under 18 (or the equivalent age of digital consent in your jurisdiction). If you believe a child has provided personal information to us, please contact privacy@j2health.com and we will take appropriate steps to delete it.
We may update this Privacy Statement from time to time. When we do, we will revise the "Last updated" date above and, where required by law or where the changes are material, provide additional notice (for example, by email or a prominent notice on the Site). Continued use of the Site or the Services after the changes take effect constitutes acceptance of the updated Privacy Statement. We will review this Privacy Statement at least annually.
If you have questions, concerns, or complaints about this Privacy Statement or J2's privacy practices, or if you would like to exercise any of your privacy rights, please contact us:
J2 Health, Inc.
Attn: Privacy Officer
244 Fifth Avenue, Suite A241
New York, NY 10001
Phone: (929) 464-7976
Privacy / HIPAA inquiries: privacy@j2health.com
Security: security@j2health.com
General: contact@j2health.com
Billing: billing@j2health.com
We will acknowledge your inquiry promptly and work to resolve it in a reasonable timeframe.