Back to Home

Compliance Policy

Last updated on 15 Sep 2025

ShiftFill, a product of BVE Labs LLC ("ShiftFill") is committed to maintaining compliance with applicable laws, regulations, and industry standards. This Compliance Policy outlines our approach to ensuring lawful, transparent, and ethical practices across all our services and applications.

Table of Contents

  1. Regulatory Compliance
  2. HIPAA Compliance
  3. Privacy Commitment
  4. Industry Standards
  5. Ethical Standards
  6. Updates to Compliance Practices

1. Regulatory Compliance

  • We comply with applicable U.S. federal and state laws, including data protection and consumer protection laws.
  • Where applicable, we align with global data privacy standards such as the EU General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).
  • We maintain compliance with healthcare regulations including HIPAA and state-specific healthcare laws.

2. HIPAA Compliance

  • ShiftFill is designed to be HIPAA-compliant for handling protected health information (PHI).
  • We implement administrative, physical, and technical safeguards as required by HIPAA Security Rule.
  • We execute Business Associate Agreements (BAAs) with covered entities.
  • Regular risk assessments are conducted to identify and address potential security vulnerabilities.
  • Staff receive HIPAA training and are bound by confidentiality agreements.
  • We maintain audit controls and access logs as required by HIPAA.

3. Privacy Commitment

  • Our data practices are described in our Privacy Policy.
  • We collect only the minimum necessary information to provide our services.
  • User data is never sold to third parties.
  • We provide users with control over their personal information.

4. Industry Standards

  • We follow industry best practices for software development, including secure coding standards.
  • Our infrastructure is hosted on HIPAA-compliant cloud platforms.
  • We conduct regular security audits and vulnerability assessments.
  • We maintain appropriate insurance coverage for our operations.

5. Ethical Standards

  • We do not knowingly engage with vendors or partners that violate human rights, data protection, or ethical business practices.
  • Employees and contractors are expected to act with integrity and in accordance with this Compliance Policy.
  • We maintain a code of conduct that all team members must follow.

6. Updates to Compliance Practices

Our policies and practices are reviewed and updated periodically to ensure alignment with changes in law, regulation, and technology. We are committed to continuous improvement in our compliance programs.

For compliance-related inquiries, please contact us at compliance@shiftfill.ai.