Levitate.AI is a marketing platform that uses artificial intelligence (AI) to help businesses maintain and enhance their relationships with customers, clients, and prospects.
This requires Levitate to leverage detailed contact information to personalize communication with their users' customers. In a healthcare context, Levitate's tools would likely handle protected health information (PHI) and need to be HIPAA compliant. So, is Levitate HIPAA compliant?
What is Levitate?
Levitate sends emails that look personal and are delivered as one-to-one messages. This means that instead of sending a mass email that might end up in a spam folder, it sends individual emails that are more likely to be read and responded to. The software integrates with popular email servers like Outlook and Gmail, so users can use it directly from their existing email account, making it easier to manage communications.
Levitate's AI helps users stay in touch with clients and prospects in a more personal way. This could involve suggesting the best times to send emails, recommending who to contact based on past interactions, or even helping to write personalized messages. In addition to the AI-powered software, Levitate provides access to dedicated marketing coaches who can provide advice and guidance.
Levitate's privacy policy
Levitate's privacy policy states, "We do not sell, trade, or otherwise transfer your Personal Information, or data that you provide Levitate (including but not limited to notes, contacts, company names, and action items) to outside parties, except we may disclose such information to third parties under the following circumstances: [...]
- To our service providers, business partners, suppliers, sub-contractors, or agents who perform services for us, as well as our professional advisers (including our lawyers, bankers, auditors, and insurers), and analytics and search engine providers that assist us in the improvement and optimization of the Services."
That indicates that Levitate can access their users' professional data, so HIPAA compliance is essential.
Levitate and the business associate agreement
There's a primary item to consider regarding Levitate and their ability to provide HIPAA compliant marketing.
First, let's start with a quick recap of the terms. The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that protects the privacy of an individual's personal health information, otherwise known as protected health information (PHI).
HIPAA applies to covered entities, which include healthcare providers, health plans, and healthcare clearinghouses. It also applies to business associates of these covered entities. These are entities that perform certain functions or activities on behalf of the covered entity.
A business associate agreement (BAA) is a written contract between a covered entity and a business associate. It is required by law for HIPAA compliance. In the case of Levitate, the service would certainly fall into the category of a business associate if it's servicing customers that would store, process, or transmit PHI on its email platform.
We checked the Levitate.ai site and found no mention of HIPAA compliance or willingness to sign a BAA in their website documentation. They also don't list healthcare as one of the industries that they serve.
Is Levitate HIPAA compliant?
The BAA is a required component of HIPAA compliance between a covered entity and a business associate. Levitate does not appear to sign a BAA.
Conclusion: Levitate may not be HIPAA compliant, but we recommend you contact them directly.
Dean Levitt
