
Security is our priority.
Keto-Mojo applies enterprise-grade safeguards to keep your health data private, secure, and entirely yours.
Security: Health data security
Single Sign-On (SSO)
Access your MyMojoHealth or MyMojoHealth Pro account safely and seamlessly with Single Sign-On.
24/7 Security Monitoring
Our systems are watched around the clock. You can rest easy knowing your data is always under active protection.
Encrypted API
Our encrypted API connection ensures that every piece of data transferred between you and your care team or technology partner is protected end-to-end.
HIPAA-Compliant Servers
Your data is stored on HIPAA-compliant servers, meeting the strict standards required for protecting personal health information.
Privacy: Your privacy rights
Your privacy is a right, not a feature. MyMojoHealth is built on a foundation of transparency, minimal data collection, and strict access controls. We never sell your personal health information.
Yours, For Life
Your data belongs to you. Unlimited storage means you’ll never face capacity limits or lose access to your historical MyMojoHealth measurements.
When you’re ready to move on, you’re in control of that too. You can permanently delete your MyMojoHealth data and email address at any time.
Learn more about your data rights →
Compliance: Security Compliance & Certifications
MyMojoHealth maintains a formal Information Security Management System (ISMS) designed in alignment with ISO/IEC 27001:2022, the international standard for information security.

HIPAA Compliant
Your protected health information (PHI) is handled in compliance with U.S. federal law.

GDPR Compliant
Your data rights are protected in accordance with EU privacy regulations.

CCPA Compliant
California residents have full rights to access, delete, and opt out of data sharing.

BBB Accredited
Independently vetted for trustworthy business practices.
How we protect your data
Access Control
Role-based access control (RBAC) and strict need-to-know policies ensure only authorized personnel can access sensitive data.
Encryption
All data is encrypted at rest and transit across devices and cloud services. Whether your data is stored or moving, it’s always protected.
Data Classification
We classify all data: Public, Internal, Confidential, and Restricted with defined handling rules for each category. Special standards apply to PHI and PII, including data masking to minimize exposure risk.
Vendor & Third-Party Oversight
Every vendor and third-party partner who touches your data is required to sign Business Associate Agreements (BAAs) or Data Processing Agreements (DPAs). We conduct periodic vendor risk reviews to ensure ongoing compliance.
Employee & Contractor Accountability
All employees and contractors are bound by confidentiality agreements. Access to sensitive systems requires explicit authorization and regular review.
Incident Response
We maintain defined procedures for handling security incidents, including regulatory reporting requirements for any data breach.
To report a security concern, please contact support@keto-mojo.com.
