Let us be
Your Partner in Transformation

For state and county justice leaders, recovery experts, educators, and wellness advocates seeking more than the status quo, Journey.do offers a holistic approach to growth and accountability.

Book a Demo

Relevant Resources for You

More on Journey
Contract Resources

All programs are grounded in our research-based behavioral change framework, designed to ensure meaningful growth. This involves a full service framework from intake to outtake, and a series of evidence-based practices that our coaches use.   (Read more -->)

To make it easy for governmental organizations to hire our program, we have built a sole source justification, answering relevant questions. We also have a brief overview of services that often are brought up. (Read more -->)

This case study reports on our collaboration with the Maricopa County Juvenile Probation department to roll out an AI-powered platform that addresses the key needs of justice-involved youth. (Read more -->)

We understand trust begins with security. Our robust security measures ensure that your data is always safe, protected, and handled with care. From implementing advanced encryption standards and secure authentication methods to providing detailed audit trails, we take every precaution to maintain the integrity of your information.  (Read more -->)

Stories do their transformative work differently than simply memorizing content. Recent research in the neurosciences shows that story lights up the brain differently than does content alone. (Read more -->)

We offer a full service solution, using evidence-based practices, platform technologies, and trained staff to ensure growth happens. Learn more about frequently asked questions related to our implementation service and platform.  (Read more -->)

With support from the National Science Foundation we have been able to research and integrate AI to ensure personalized care. We run our AI in a safe and secure private instance within our Amazon Cloud, using Claude AI developed by Anthropic.  (Read more -->)

To ensure seamless access to the Journey.do platform while maintaining a secure environment, we provide the following guidelines for network administrators to properly configure firewall and proxy settings. This will ensure that the necessary domains and services are whitelisted, allowing uninterrupted access.  (Read more -->)

Therapeutic Learning Framework

We make sure change happens with personalized care.

Many solutions focus on one approach—therapy, small groups, academic content—but we combine decades of research across multiple fields with cutting-edge technology and AI to deliver real results.

Instead, we set out to build a new product and service based on insights from the learning sciences, therapeutic sciences, neuro-sciences, developmental sciences, and the social sciences. Bringing these together, we built a framework that was grounded in research, and with advances in platform technologies and generative AI, are able to offer it at scale.  

Download Research-Base Framework - Download PDF
Download Evidence-Based Practices Used - Download PDF

01: Intake Meeting

We start with a one-on-one meeting to understand the individual, identify needs, and set goals. This session, often virtual, is recorded to harness AI for crafting a personalized growth plan.

02: Growth Plan

We use AI to review the intake session and build a growth plan that connects expressed needs to relevant platform modules. Once the plan is created it can be edited and shared.

03: Certificate One

Learners use the platform anytime, anywhere to complete assigned modules with guidance from expert coaches. Once thresholds are met, they earn a printable certificate of achievement.

04: Certificate Two

Growth Journeys often involves assigning multiple certificates. Your staff has full oversight, with real-time data, progress and AI insights available through our intuitive coaching dashboard

05: Transition Plan

Our AI synthesizes all activities, generating a transition plan that highlights achievements, addresses challenges, and outlines next steps. This plan can be shared as a PDF portfolio.

06: Outtake Meeting

A final session focuses on sharing the transition plan, celebrating progress, and addressing future challenges. Together, we reinforce change and ensure lasting impact.

Maricopa County Case Study


Jan 2023 - Aug 2024

This case study reports on our collaboration with the Maricopa County Juvenile Probation department to roll out an AI-powered platform that addresses the key needs of justice-involved youth.

We have now served over 3,500 youth who have completed over 20,000 protective factor stories across all contexts of care: diversion, probation, and detention. It also shares some of the statistically significant findings.

2024 Case Study Gun Safety Report

At Lifelab Studios, we are singularly focused on unlocking human potential.

We believe that discovering one's potential is a gift! We want to ensure that everyone and anyone has the opportunity to unlock this sacred gift.

We do this by providing ...
a small group journey platform where member stories matter. The learner platform was built out of decades of research on the power of story, learning and motivation, and what it means to build a learning platform that puts people's stories of using content above the content.
(Download PDF) -->  

Our origin story. Lifelab Studios grew out of Arizona State University and decades of research focused on how people learn. Sprinkle on the stories from our members and the strength-based feedback of our leaders, and we have something quite transformative ... we have the opportunity to unlock the potential of ALL human beings to be all they were meant to be.

Why Do Stories Matter?

Stories do their transformative work differently than simply memorizing content. Recent research in the neurosciences shows that story lights up the brain differently than does content alone. In fact, it has the potential to rewire neuronal connections and even rewrite the narrative of self. Also, through stories we connect in deeply personal ways, as they wrap themselves up in who we are at our core: affirming possibility and validating transformation.

Stories are Personal

Stories bring content into the learner’s felt experience and connect to who we are. Stories support becoming as one reflects on personal abilities in relation to achievements.

Stories are Relational

Stories allow us to connect with other people, affirming their personal struggle and valuing their success. Story build connection and belonging, and relationships catalyze growth.

Stories are Contextual

Stories illuminate particulars, enabling others to see the content applied in different contexts. Stories provide a rich opportunity for people to connect in deeply personal ways.

Integration of Generative AI

We run our AI in a safe and secure private instance within our Amazon Cloud, using Claude AI developed by Anthropic. We find Claude to be the best solution for our generative AI needs, especially in terms of using prompts, n-shot examples, temperature settings, and advancing useable insights. No user data is stored, shared externally, or used to refine AI models. Unless explicitly stated, all AI-generated insights are reviewed by staff before being shared, ensuring human oversight and mitigating bias.

With support from the National Science Foundation and from Maricopa Public Health, we have partnered with Arizona State University to continually develop, test, and fine our AI integration so we can provide personalized care at scale. Initial findings show AI can provide insights that are more accurate, trustworthy, relevant, and useable than coaches alone.

Download AI Statement
Ensure Consistency

Ensure quality and consistency of guidance and feedback across coaches. Also, identify needs and linkage to care opportunities.

Personalize Care

Create high quality growth and transition plans to ensure hyper-personalized care. AI allows us to personalize care and do so at scale. 

Identify Themes

Analyze large numbers of stories and plans for individuals, groups, or across organizations to create knowledge and advance insights. 

Unique Value Proposition

Sole Source Justification

Journey.do's program, built on substantial academic research and integration with juvenile justice systems, offers a unique proposition for organizations focused on supporting lasting behavioral change, especially with populations who might be somewhat resistant to authority. The Journey.Do program is an anytime, anywhere solution that begins with an intake managed by growth specialists trained in key evidence-based practices, including motivational interviewing, strength-based feedback and trauma-informed care. It emphasizes real-life application and social validation, prioritizing member experiences in small-group settings.

This approach, coupled with a mobile-first design, AI-enhanced insights, and features like customizable certificates and shareable growth transcripts, positions Journey.do as an ideal choice for impactful, scalable services for ensuring positive change.

Its comprehensive framework supports not just content delivery but fosters personal growth, community, and real-world change, making it a standout solution for the justice segment. The champion dashboard for creating and managing groups, also leverages AI to ensure best-in-class feedback to local officers, provides up-to-the minute accountability and enhanced reports for counties, as well as enabling continuous optimization for greater impact over time.

Key points that underscore journey.do distinctiveness, grouped into 4 categories, and are downloadable in the following document (download here).

Download Full Text

SECURITY STATEMENT

Security in Journey.do

At Journey.do, we understand that trust begins with security. Security is built into the fabric of our cloud platform, infrastructure, and processes, ensuring your data is safeguarded at every level. Our robust security measures include encryption for data at rest and in transit, strict AI safeguards, role-based access control (RBAC), multi-factor authentication (MFA), and a multi-tenant architecture, ensuring data integrity and responsible handling.

We deliver an annual uptime of 99.85% and prioritize transparency, accountability, and privacy. User data is securely retained for up to three years to support reporting and long-term impact evaluation, with the option for organizations to request a shorter retention period. 

Our AI systems are built with privacy, fairness, and security in mind. No user data is stored, shared externally, or used to refine AI models. All AI-generated insights are reviewed by staff before being shared, ensuring human oversight and mitigating bias.

By leveraging cutting-edge AWS infrastructure and maintaining strict security protocols, we provide a secure, resilient environment for every interaction. With Journey.do, you can trust that your data is protected while receiving personalized care and exceptional service.

Download Security Statement

Our Written Information Security Policy (WISP) outlines how we protect your data with clear protocols for access, encryption, and incident response, ensuring compliance with the highest industry standards. It’s a testament to our commitment to safeguarding your information and maintaining your trust.

If you would like to receive a copy of Journey.do’s latest WISP, please send a request to support@lifelabstudios.org. Since an NDA is required, please include your company’s full name, company address, and place of incorporation. 

PRODUCT SECURITY

Multi-factor Authentication (MFA)
Journey.do provides advanced account protection through MFA using One-Time Passwords (OTP) and Google Authenticator. For environments like detention facilities, innovative Two-Factor Authentication (2FA) options allow officers to generate and share authentication codes securely with youth.

Role-based Access Control (RBAC)
Journey.do is deployed with various defined user roles with respective permissions; however, administrators have control over user roles, permissions, and access. RBAC ensures users can access only data and features relevant to their roles.

Secure Transmission and Sessions
All data transmissions are encrypted via SSL/TLS, ensuring secure connections. Individual sessions are uniquely tokenized and re-verified for security. 

DATA SECURITY
Encryption
• Data at Rest: Encrypted using AES-256, ensuring sensitive information remains secure.
• Data in Transit: Encrypted using HTTPS/TLS 1.2 or newer.

Password Security
Users’ account passwords stored only in hashed form, using bcrypt with a modern industry standard work factor. 

Data Retention and Transparency
Journey.do collects and securely stores personal data only for as long as necessary to support users’ growth journeys. Users or guardians may request data deletion at any time by contacting support@lifelabstudios.org. Requests are reviewed in compliance with legal and contractual obligations.

Data Deletion
Upon program completion, user accounts are archived, maintaining secure storage within AWS infrastructure.

• Retention Period: User data is retained for up to three (3) years following program completion to fulfill reporting requirements and support long-term impact evaluations. Upon request, counties may opt for a shorter retention period.
• Data Eradication: After the three-year retention period, all personally identifiable information (PII) is redacted, ensuring that individual users and their actions can no longer be traced.
• Security Protections: During the retention period, all archived data remains protected by industry-standard encryption and access controls, preventing unauthorized access or misuse.

Privacy Policy
Journey.do’s Privacy Policy details how personal data is collected, used, and protected. It adheres to GDPR and other legal requirements, offering users rights like data access, correction, and deletion. Visit the privacy policy on our website for more details.
Visit our privacy policy here.

Data Ownership
Users retain ownership of their data, and Journey.do retains no rights beyond service functionality.
Visit our terms of use policy here.

Transparency
Personal data is collected and securely stored only for as long as necessary, with clear retention and deletion policies. 

INCIDENT MANAGEMENT AND RESPONSE
Incident Response Plan (IRP)
Journey.do employs a structured IRP to classify incidents into low, medium, high, or critical levels, ensuring timely communication and resolution.

Data Breach Notification
In the event of a suspected or actual data breach, Journey.do will notify affected parties promptly and in accordance with applicable laws. 

Employee Security Training
All coaches undergo background checks, including County, State, and Federal Criminal Searches (past 7–10 years), SSN Trace, Sex Offender Registry Search, National Criminal Database, and Global Watchlist screenings. All employees undergo comprehensive onboarding and annual security training to ensure adherence to confidentiality, privacy, and security policies (download PDF). A formal employee termination notification process exists, which is initiated by our Human Resources (“HR”) department. Upon notice by HR, all physical and system accesses are promptly revoked.

Principle of Least Privilege
Access to systems is limited to legitimate business needs, reviewed periodically, and revoked immediately upon termination.

Physical Access Control
Robust physical security controls restrict access to offices and data centers, which are managed by AWS with biometric scanning, 24/7 surveillance, and other safeguards. 

At Lifelab Studios, we provide the benefits of AI without compromising on privacy or safety. No data is shared externally, or used internally to refine or retrain AI models.

1. No Data Retention: All data, including stories, uploaded to the platform is processed securely and not stored by our AI systems after use.
2. Restricted Access: All data remains within our private cloud instance, with no external sharing to third-party entities.
3. Generative AI Protections: Our AI systems leverage external data to build and refine models, generate insights, and provide solutions—never sharing back or using your users' data or activities to develop or enhance any AI technologies. 

Platform Hosting
Journey.do's infrastructure operates on Amazon Web Services (AWS) data centers located in the United States.
AWS data centers maintain extensive compliance certifications including ISO 27001, ISO 27017, ISO 27018, ISO 27032, HIPAA, FedRAMP, SOC-1, and SOC-2.

Multi-Tenant Architecture
Journey.do employs a multi-tenant architecture where each customer's data is logically segregated from others. All data is encrypted at rest using AES-256 encryption standards.

ISO 27001 – Data Center
ISO 27001 – Data Center AWS data centers maintain certification with ISO 27001:2013, ISO 27017:2015, ISO 27018:2019, and ISO 27701:2020 standards.

SOC 2 Type II — Data Center
AWS data centers hold SOC 2 Type 2 certification across Security, Confidentiality, Availability, and Privacy Trust Principles.

Physical Access Control – Data Center
For detailed information about AWS's security infrastructure and controls, please refer to AWS's Security Controls Documentation at https://aws.amazon.com/compliance/data-center/controls/

Availability and Reliability
Journey.do utilizes Amazon Web Services (AWS), the world's leading cloud platform, operating across multiple geographically dispersed data centers. Each facility employs comprehensive physical security controls including 24/7 security personnel, video surveillance, multi-factor authentication, and biometric access systems. Redundant power, cooling, and network connectivity ensure high availability, with a service level commitment of 99.99%. All facilities maintain SOC 2 compliance and implement industry-standard fire suppression systems.

We have designed our service for high availability; no less than 99.85%. 

Indirect Cost Policy

In compliance with NSF guidelines (NSF 25-034), all subawards under our NSF-funded projects are subject to a maximum indirect cost rate of 15% of the modified total direct cost (MTDC) base. Dated as of July 1, 2025

PROGRAM SERVICE QUESTIONS

  • A research-based, social growth app available anytime, anywhere
  • Evidence-based journeys focused on protective factor growth and other relevant topics
  • Flexible service model with certified growth champions to ensure growth
  • Data and AI to drive engagement, feedback, insights and continual improvement 

Motivational Interviewing (MI)
Small Group Therapy (SGT)
Trauma-Informed, Strength-Based Support (TI-SB)
Reflective Journaling (RJ)
Life Coaching (LC)
Intrinsic Motivation (IM)
Single Session Intervention (SSI)
Evidence-Based Content (RBC) 

  • We serve organizations in which they are expected to ensure the growth of those in their care.
  • We can either bring our designed journeys, or work with you to “digitize” and integrate your content
  • We can serve online or F2F, or hybrid.
  • In justice, we serve across all contexts of care: community, diversion, probation, and detention 

We provide full support from intake to outtake with virtual programming and trained coaches:

  • Intake assessment using motivational interviewing and strength-based feedback to create growth plan
  • Person completes assigned growth program, usually 4-5 Modules per certificate (2-3 hours)
  • Trained coaches provide personalized feedback for each Module goal, supported by AI
  • Person receives personalized transcript for each growth area, along with transition plan 

  • Journeys are programs designed to support change in an area or areas. Most journeys include multiple certificates with multiple Modules.
  • Each growth journey includes a pre-survey, 5-8 growth modules based on evidence-based content
  • Topics include Harm Reduction, Gun Safety, Adulting, flourishing lives, Marijuana Abuse, Career Readiness, Family Healing, among others 

Before working with youth, each coach completes a nine-module certification program covering motivational interviewing, trauma-informed care, strength-based communication, addiction, and criminogenic needs. Their first 10 reviews and 2 intakes are co-facilitated and assessed by senior staff to ensure quality. Oversight includes weekly team meetings, AI-based review feedback, and active peer and manager support. Coaches uphold strict data privacy, use evidence-based practices, and tailor each plan to the youth’s unique goals and strengths.

A modular approach

We offer a full service solution, using evidence-based practices, platform technologies, and trained staff to ensure growth happens. Download our come-alongside coaching service pamphlet (download PDF). All coaches undergo comprehensive background checks, including County, State, and Federal Criminal Searches (past 7–10 years), SSN Trace, Sex Offender Registry Search, National Criminal Database, and Global Watchlist screenings.

Before working with youth, each coach completes a nine-module certification program covering motivational interviewing, trauma-informed care, strength-based communication, addiction, and criminogenic needs. Learn more about frequently asked questions related to our implementation service and platform.

(Read more about coach training -->)

How to Whitelist?

To ensure seamless access to the Journey.do platform while maintaining a secure environment, we provide the following guidelines for network administrators to properly configure firewall and proxy settings. This will ensure that the necessary domains and services are whitelisted, allowing uninterrupted access. We follow industry best practices for platform security and operation, with data encrypted at rest, and rely on multi-factor authentication for sensitive information.

Security Assurance:
Our AI and all ongoing project updates operate within secure, cloud-hosted environments. Each environment is fully secured and enables secure communication between the services.

Every account, whether for a county, department, or caseload, is "containerized." This means that only the registered members within that specific container can access its data. This isolation ensures that each county manages its own private, secure instance.

View Whitelist Requirements

Whitelist Required Domains

To ensure the platform functions correctly, it's essential to whitelist the specific domains and services used by Journey.do. With these whitelisted, we can then run the platform on any device already deployed in your system, either as app or URL.

Custom Configuration Support

If any of these domains conflict with your existing settings, please reach out to us directly. For example, our third-party providers such as logrocket are not critical to the functionality of our platform, but is used to provide support and/or enhance the feature set of Journey.do

Device-Level Configuration

We are available to help configure the platform to fit your needs and assist in configuring device-level safety and security settings to augment network security best practices.

Customers We Serve



Thrivecast



Apple Google



Home      Programs     Resources    About Us

© Copyright 2021-2025 Lifelab Studios, Inc.