Introduction
LeReve Wellness (“we,” “our,” or “us”) is committed to protecting your privacy and ensuring the security of your Protected Health Information (PHI) in compliance with the Health Insurance Portability and Accountability Act (HIPAA).
Information We Collect
Personal Information
– Email address
– Name (optional)
– Account credentials
Health Information (PHI)
– Mental health assessment results (PHQ-9, GAD-7)
– Pain and sleep quality assessments
– Physical function assessments (SF-36, Oswestry)
– Vital signs (blood pressure, heart rate, temperature, etc.)
– Body measurements
– Lab results
– Medication history
– Surgical history
– Family health history
– Allergies
– Social history
How We Use Your Information
We use your information to:
– Provide health self-assessment services
– Track your health metrics over time
– Generate health reports and exports
– Enable sharing with your healthcare providers (with your consent)
– Improve our services
Data Storage and Security
Encryption
– All data is encrypted in transit using TLS 1.2+
– All data is encrypted at rest using AES-256
Access Controls
– Multi-factor authentication available
– Biometric authentication (Face ID/Touch ID) supported
– Role-based access control for healthcare providers
– Automatic session timeout
Audit Logging
– All access to PHI is logged
– Audit logs include timestamp, user, action, and IP address
– Logs are retained for 6 years per HIPAA requirements
Data Sharing
We do NOT sell your health information. We may share your data:
– With healthcare providers you explicitly authorize
– When required by law
– To protect your vital interests in emergencies
Your Rights Under HIPAA
You have the right to:
– Access: Request a copy of your health information
– Amendment: Request corrections to your health records
– Accounting: Receive a list of disclosures of your PHI
– Restriction: Request restrictions on certain uses of your PHI
– Confidential Communications: Request communications through specific means
– Data Portability: Export your data in standard formats (JSON, CSV)
Data Retention
– Active account data: Retained while account is active
– Deleted account data: Removed within 30 days of account deletion request
– Audit logs: Retained for 6 years per HIPAA requirements
Breach Notification
In the event of a data breach affecting your PHI:
– We will notify you within 60 days
– We will notify the HHS Secretary as required
– We will provide details of the breach and steps taken
Children’s Privacy
This app is not intended for children under 13. We do not knowingly collect information from children under 13.
Contact Us
For privacy concerns or to exercise your HIPAA rights:
– Email: privacy@lerevewellness.com
– Phone: 1-800-LEREVE-1
– Address: 2516 Samaritan Drive, Suite G, San Jose, CA 95124
Changes to This Policy
We may update this policy periodically. We will notify you of material changes via email or in-app notification.
—
HIPAA Notice of Privacy Practices
This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.