Trust begins with how we handle your information
When it comes to health, privacy isn’t optional – it’s foundational. Knowing your medical details are confidential and secure allows you to feel safe, cared for, and respected.
We believe that you should have complete control over your personal health data. That means keeping you informed about every step of our process, giving you full transparency into our policies, and allowing you to choose when and how you share your information.
At Superpower, we meet all HIPAA requirements, align with SOC 2 controls, and operate under strict clinical governance with Clinical Laboratory Improvement Amendments (CLIA)-certified laboratories and licensed physicians.
Your data is encrypted, access-controlled, and never sold.
At a glance
- HIPAA: administrative, physical, and technical safeguards across our systems
- SOC 2: alignment to Security, Availability, Confidentiality, Processing Integrity, and Privacy controls
- PHI Protection: encryption at rest and in transit, least-privilege access, immutable audit logs
- Clinical Governance: CLIA-certified labs, physician ordering and review, documented QA protocols
- Escalation SLAs: clear response timelines for any flagged or critical lab result
- Member Rights: download, correct, or request deletion of your data
What this means in practice
We only ask for what we need.
Every question we ask serves a clear purpose, allowing us to get to know you and your unique health needs and goals.
We encrypt end-to-end.
All health data travels and lives in encrypted form—TLS 1.2+ in transit, AES-256 at rest. Keys rotate automatically and are protected within managed key vaults.
We limit who can see what.
Only those who have a clear need to access any sensitive health information are permitted to see your data. Every data access event is logged and monitored. No one outside our clinical team can view your information.
We put your health first.
Our physicians sign off on every lab order and result and regularly review action plans, especially for clinically complex cases. Any critical lab results are immediately flagged and trigger a clinical review, follow-up, and personal recommendations for next steps.
You maintain control.
You can export or delete your information anytime. We publish details on any third-party vendors, update policies, and share any relevant audit summaries openly.
Our promise
We will protect your data, be transparent about how we do so, and continue to raise the standard for digital health privacy.
Because trust isn’t just a feature, it’s the foundation to feeling cared for.




