HIPAA Compliance Statement
Last Updated: July 7, 2026
Important Notice
LevoroFit is NOT intended for use in HIPAA-covered healthcare settings. We are a wellness and lifestyle management platform, not a medical treatment or diagnosis tool.
Overview
The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. federal law that establishes privacy and security standards for Protected Health Information (PHI) handled by covered entities and their business associates.
Is LevoroFit Subject to HIPAA?
Short Answer: NO
LevoroFit is a wellness platform for lifestyle management and fitness optimization. We are NOT a covered entity or business associate under HIPAA because:
- We do NOT provide medical diagnosis or treatment
- We do NOT bill health insurance
- We do NOT operate as a healthcare facility
- Our customers (nutritionists, gyms, yoga studios) are typically NOT covered entities
- We do NOT integrate with EHR/EMR systems or access medical records from hospitals
What LevoroFit Is
Wellness Platform
LevoroFit is designed for lifestyle management, fitness optimization, and wellness coaching:
- •Nutrition coaching and meal planning
- •Fitness tracking and workout management
- •Wellness lifestyle optimization
- •Client management for wellness professionals
Data We Collect
Wellness Data (With Consent)
- •Weight, height, and body measurements (fitness metrics)
- •Sleep patterns and hydration (wellness habits)
- •Dietary preferences and meal logs (nutrition coaching)
- •Exercise routines and activity levels (fitness tracking)
Data We DON'T Collect
- ✗Medical diagnoses or conditions
- ✗Prescription medications or dosages
- ✗Lab results or medical test data
- ✗Medical insurance information
- ✗Healthcare provider medical records
Security Measures We Implement
While not HIPAA-covered, we take security seriously and implement industry-standard protections:
Encryption
- • Data encrypted in transit (TLS 1.2+)
- • Data encrypted at rest (AES-256)
- • Secure HTTPS connections only
Access Controls
- • Role-based access permissions
- • Multi-factor authentication available
- • Audit logging of data access
Data Protection
- • Daily automatic backups
- • Redundant data storage
- • Secure password hashing (bcrypt)
Privacy
- • No data sharing with third parties
- • GDPR and CPRA compliant
- • User data deletion available
For Medical Professionals & Healthcare Facilities
Not Suitable for HIPAA-Covered Settings
If you are a medical professional operating within a HIPAA-covered entity (hospital, clinic, insurance-billing practice), LevoroFit is NOT appropriate for your use case.
We recommend: Use HIPAA-compliant EHR/EMR systems designed for medical settings (e.g., Epic, Cerner, Athenahealth).
Contact Us
For any questions about our compliance position or data security practices:
Privacy & Data Protection Team
We will respond to all requests within 30 days.
Looking for Privacy Rights?
While we're not HIPAA-covered, we do take data privacy seriously. See your regional privacy rights:
Central hub for privacy rights across all regions