Your Health Data Is Yours.We Built It That Way From Day One.
Privacy isn't a policy here — it's the product. Here's exactly how we protect your data.
Six Things We Promise.
No Exceptions.
You Own Your Data
Export or permanently delete your health data at any time from within the app. No retention after deletion. No lock-in.
Never Sold
Your health, genetic, and behavioral data is never sold to third parties, insurers, pharma companies, or advertisers.
Encrypted End-to-End
All PHI encrypted at rest (AES-256) and in transit (TLS 1.3). Access requires multi-factor authentication.
HIPAA Compliant
We operate as a covered entity. BAAs with all vendors who touch PHI. Annual risk assessments. Staff-certified annually.
Genetic Governance
Your genetic data is never used for research or shared with any third party without explicit written opt-in consent.
Role-Based Access
Only your assigned care team sees your clinical data. Full access logging — every touch is auditable.
Healthcare-Grade
Privacy
Geviti operates as a HIPAA-covered entity. Every vendor who handles PHI signs a BAA. We run annual risk assessments.
Annual HIPAA Risk Assessment (NIST)
BAAs with all PHI-adjacent vendors
Staff HIPAA training + annual certification
Breach notification — 60-day procedure
Hosted on HIPAA-eligible AWS infrastructure
Genetic Data Gets
Extra Protection
Your genomics results are stored separately, access-controlled beyond standard PHI, and never used for research without explicit written consent.
Stored on separate, restricted infrastructure
No research use without explicit opt-in
No third-party genomics sharing
Permanent deletion available on request
What's Under the Hood
AWS Infrastructure
HIPAA-eligible. US-only data residency.
Redundancy
Automated backups. 99.9% uptime SLA.
Audit Logging
Full trail — who saw what, when.
Annual Pen Testing
Third-party security assessment yearly.