Skip to main content

Regulatory Compliance

Last updated: December 2024

S2Y, LLC is committed to maintaining the highest standards of regulatory compliance for medical and health information across all jurisdictions where we operate. We understand the critical importance of protecting health data and adhering to applicable regulations in the healthcare technology sector.

United States Compliance

HIPAA (Health Insurance Portability and Accountability Act)

S2Y, LLC maintains strict compliance with HIPAA regulations to protect patient health information (PHI). Our systems and processes include:

  • Comprehensive administrative, physical, and technical safeguards
  • Regular risk assessments and security audits
  • Employee training on HIPAA compliance requirements
  • Business Associate Agreements (BAAs) with all relevant partners
  • Incident response procedures for potential breaches

FDA (Food and Drug Administration)

S2Y's HOCl products are general wellness and disinfection products — not medical devices — and are not intended to diagnose, treat, cure, or prevent any disease. We adhere to applicable FDA guidelines for wellness and consumer products:

  • Compliance with FDA guidelines for general wellness and disinfection products
  • Truthful and non-misleading labeling and advertising in accordance with FDA and FTC requirements
  • HOCl is recognized by the FDA for certain antimicrobial and disinfection applications
  • Quality and safety standards appropriate for general consumer wellness products

FTC (Federal Trade Commission)

We adhere to FTC guidelines for health claims and consumer protection:

  • Truthful and non-misleading health product claims
  • Substantiation of all medical and health benefits
  • Clear and prominent disclosure of material terms

Canadian Compliance

PIPEDA (Personal Information Protection and Electronic Documents Act)

S2Y, LLC complies with Canadian privacy laws for personal health information:

  • Consent-based collection and use of personal information
  • Limiting collection to necessary purposes
  • Safeguarding personal information with appropriate security measures
  • Transparency in privacy practices and policies

Health Canada Regulations

Our products and services meet Health Canada requirements:

  • Medical device licensing where applicable
  • Natural health product regulations compliance
  • Quality assurance and safety standards

European Union Compliance

GDPR (General Data Protection Regulation)

We maintain full GDPR compliance for EU residents:

  • Lawful basis for processing personal data
  • Data minimization and purpose limitation
  • Individual rights including access, rectification, and erasure
  • Data Protection Impact Assessments (DPIAs)
  • Appointment of Data Protection Officer (DPO)
  • Privacy by design and by default

EU Product Safety Regulations

S2Y's products sold in the EU comply with applicable EU product safety and consumer protection regulations for general wellness and disinfection products:

  • EU General Product Safety Directive compliance
  • Biocidal Products Regulation (BPR) compliance for applicable disinfection products
  • Accurate and non-misleading product labeling in accordance with EU consumer law

Information Security Framework

S2Y, LLC implements comprehensive security measures across all operations:

Technical Safeguards

  • End-to-end encryption for all health data transmission
  • Multi-factor authentication for system access
  • Regular security testing and vulnerability assessments
  • Secure cloud infrastructure with industry-leading providers
  • Automated backup and disaster recovery systems

Administrative Controls

  • Information security policies and procedures
  • Role-based access controls
  • Regular employee security training
  • Third-party security assessments
  • Incident response and breach notification procedures

Physical Security

  • Restricted access to facilities and equipment
  • Environmental controls for data centers
  • Secure disposal of physical media
  • Surveillance and monitoring systems

Quality Management

S2Y, LLC maintains quality management systems aligned with industry best practices:

  • ISO 27001 for information security management
  • Continuous improvement processes
  • Regular internal and external audits
  • Quality controls appropriate for general wellness and consumer products

Ongoing Compliance Monitoring

We maintain ongoing compliance through:

  • Regular regulatory updates and legal reviews
  • Compliance training for all employees
  • Third-party compliance assessments
  • Continuous monitoring of regulatory changes
  • Engagement with legal and regulatory experts

Transparency and Reporting

S2Y, LLC is committed to transparency in our compliance efforts:

  • Regular compliance reports to stakeholders
  • Public disclosure of security incidents when required
  • Cooperation with regulatory authorities
  • Clear communication of privacy practices to users

Contact Information

For compliance-related inquiries or to report concerns:

Compliance Officer
Email: compliance@s2y.us
Phone: +1 678-792-8330

Data Protection Officer (EU)
Email: dpo@s2y.us

S2Y, LLC
1515 Route 22 West STE 30 #1099
Watchung, NJ 07069
United States

This compliance statement is reviewed and updated regularly to reflect current regulatory requirements and best practices. For the most current version, please visit our website or contact our compliance team.