top of page
Image by Maxim Zhgulev

Privacy Policy

Effective Date: Jan 3, 2025

​

This Privacy Policy describes how JMD Operations, LLC ("JMD Operations," "we," "us," or "our") collects, uses, discloses, and protects personal information when you access or use our websites, applications, and related services (collectively, the "Services").

This Privacy Policy applies to www.justmydoc.com and any subdomains or affiliated sites operated by JMD Operations. It is incorporated into and forms part of our Terms and Conditions.

Nothing in this Privacy Policy alters the independent professional responsibilities or legal obligations of healthcare providers using the Services.

Our Services are intended for individuals located in the United States who are at least 18 years old.

By accessing or using the Services, you agree to this Privacy Policy.

 

1. Our Role

JMD Operations provides administrative, technical, and operational support services to healthcare providers and consultants through the Services. We do not provide medical care and do not make clinical decisions.

Healthcare providers using the Services remain responsible for clinical care, medical decision making, and compliance with applicable healthcare laws.

 

2. Information We Collect

We collect information necessary to operate the Services. If required information is not provided, some Services may not be available.
 

A. Information You Provide

You may provide information when you:

  • Request a physician evaluation or consultation

  • Complete intake or booking forms

  • Communicate with us by email, phone, text, or chat

  • Submit customer support requests

  • Make payments or engage in transactions

Information collected may include:

  • Name, date of birth, home address, phone number, and email address

  • Billing and payment information processed by third party payment processors

  • Identity verification information where required

  • Health information including medical history, conditions, treatments, lab results, or medical records

  • Appointment, transaction, and service related information

  • Communications and customer service interactions

  • Any other information you choose to provide

To the extent this information constitutes PHI, it is handled in accordance with HIPAA and applicable Business Associate Agreements.
 

B. Information Collected Automatically

When you use the Services, we may collect:

  • IP address and general location information such as city and state

  • Browser type, operating system, and device information

  • Pages viewed, time spent on pages, and navigation patterns

  • Referring URLs, search terms, and cookie preferences

This information is used to operate, secure, and improve the Services.

 

3. How We Use Information

We use information for the following purposes:

General Operations

  • To provide, manage, and operate the Services

  • To process payments and schedule appointments

  • To communicate about service usage, updates, and support requests

  • To maintain security, integrity, and functionality


Healthcare Operations

We use information, including PHI, to facilitate communications, scheduling, record storage, and administrative support for healthcare providers and consultants.

We do not use PHI for advertising or marketing in violation of HIPAA.


Communications and Marketing

We may send:

  • Service related communications such as appointment reminders or operational updates

  • Promotional communications where permitted by law

You may opt out of promotional emails using the unsubscribe link provided. Opting out does not affect service related or legally required communications.


Analytics and Improvement

We use information to:

  • Understand how users interact with the Services

  • Improve performance, usability, and content

  • Conduct internal research and operational analysis


Aggregated and De-Identified Information

We may aggregate or de-identify information so it can no longer be linked to you. Such information may be used and shared for research, analytics, and business purposes.

​

4. SMS and Text Messaging

If you provide a phone number, you may receive SMS or MMS messages related to your use of the Services, including:

  • Appointment reminders and confirmations

  • Care related notifications

  • Service updates and promotional messages, with consent

You may opt out of promotional messages at any time by replying STOP or contacting us directly. Essential service messages may continue.

Standard message and data rates may apply.

 

5. Analytics Technologies

We may use third party analytics tools to understand usage patterns and improve the Services. These tools may use cookies or similar technologies.

You can manage cookies through your browser settings and available opt out tools.

 

6. How We Share Information

We may share information in the following circumstances:

  • With healthcare providers and consultants to enable service delivery

  • With service providers and subcontractors who support our operations and are contractually required to protect information, including PHI

  • To comply with legal obligations, court orders, or regulatory requirements

  • In connection with a merger, acquisition, or transfer of assets

  • In aggregated or de-identified form

We do not sell personal information or PHI.

 

7. Data Security and HIPAA Safeguards

Security Program

We maintain an information security and privacy program designed to protect personal information and PHI in accordance with HIPAA requirements. This includes administrative, technical, and physical safeguards appropriate to our role as a Business Associate.

Safeguards include, but are not limited to:

  • Access controls and role based permissions

  • Encryption and secure transmission methods

  • Audit logging and monitoring


Vendors and Subcontractors

We use third party infrastructure and service providers to store and process information, including PHI. These providers are contractually required to:

  • Implement safeguards consistent with HIPAA

  • Limit use and disclosure of PHI

  • Report security incidents and breaches

  • Comply with applicable legal obligations

 

8. Breach Response

If we become aware of an unauthorized access, use, or disclosure of PHI, we will investigate, mitigate harm where practicable, and provide required notifications in accordance with HIPAA and applicable law.

 

9. Individual Rights Under HIPAA

To the extent required by HIPAA, we support healthcare providers in responding to requests to:

  • Access or obtain copies of PHI

  • Amend PHI

  • Receive an accounting of disclosures

Requests regarding medical records should go to records@justmydoc.com.

 

10. Third Party Links

Our Services may contain links to third party websites. We are not responsible for the privacy practices or content of those sites.

 

11. Data Location and International Use

The Services are operated from the United States and intended for U.S. users. Information may be stored or processed in the United States or other locations where our vendors operate.

U.S. law governs the handling of information under this Privacy Policy.

 

12. Privacy Laws

JMD Operations may act as a Business Associate, as that term is defined under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations ("HIPAA"), with respect to certain protected health information ("PHI") that we create, receive, maintain, or transmit on behalf of healthcare providers who use the Services.

Our obligations with respect to PHI arise solely from applicable law and contractual arrangements, including Business Associate Agreements with healthcare providers and subcontractors, and apply only to information that qualifies as PHI.

We use and disclose PHI only as permitted by applicable agreements and law, including for purposes of facilitating services, supporting administrative operations, maintaining records, and complying with legal obligations.

Nothing in this Privacy Policy is intended to create obligations under HIPAA where they do not otherwise apply.

Based on our current operations, we do not believe we are subject to the GDPR or the California Consumer Privacy Act. We do not target users outside the United States or in California.

Questions regarding applicability of privacy laws may be directed to us using the contact information below.

 

13. Children’s Privacy

The Services are not directed to children and are intended for adult use. JMD Operations does not knowingly collect personal information directly from minors. If we become aware that personal information has been collected directly from a minor, we will take reasonable steps to delete that information.

Any decision to provide services involving a minor is made solely by the healthcare provider, subject to applicable law and required parental or guardian consent.

Nothing in this section is intended to expand the scope of services offered to minors.

 

14. Changes to This Policy

We may update this Privacy Policy from time to time. The effective date will be updated when changes are made. Continued use of the Services constitutes acceptance of the updated policy.

 

15. Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact us at:

JMD Operations, LLC
Phone: 215 315 3170
Hours: 9am to 5pm, Monday through Friday
Email: ask@justmydoc.com

Last updated: January 3, 2026

bottom of page