FDA General Wellness Policy Compliance

Our Regulatory Commitment

ImmuneSpan was designed from day one as a general wellness software platform — formally classified as a non-device under the FDA's General Wellness Policy (January 2019). Our compliance framework (IS-REG-001 through IS-REG-004) was built before our first customer.

What ImmuneSpan Is — and Is Not

What We Are

  • General wellness education software
  • A population-relative wellness scoring platform
  • An educational tool for understanding inflammatory biomarker context
  • A Class 1 General Wellness Product under FDA guidance

What We Are Not

  • A medical device
  • An in vitro diagnostic (IVD) or IVD accessory
  • Software as a Medical Device (SaMD)
  • A clinical decision support tool
  • A disease screening or diagnostic service

IS-REG Compliance Framework

Four formal regulatory documents underpinning every aspect of platform design and operation

IS-REG-001

Intended Use Statement

Defines ImmuneSpan's intended use as educational wellness information about population-referenced biomarker context. Establishes that ImmuneSpan is intended to promote healthy lifestyle choices, not to diagnose, treat, or mitigate any disease.

IS-REG-002

Feature Risk Log

Pre-shipment Class I trigger assessment for every product feature. Every new feature is reviewed against four Class II trigger questions before development begins. No feature advances to production without a documented non-device determination.

IS-REG-003

Algorithm Documentation V2.0

Full technical documentation of the ImmuneSpan Engine V23.0.0 — including the martingale residual Immune Age methodology, 12-archetype K-means classification, and Five Biological Dimensions scoring. Establishes that all outputs are educational wellness metrics, not clinical measurements.

IS-REG-004

General Wellness Policy Justification

Formal non-device determination document addressing both FDA General Wellness Policy criteria: general wellness use only (Criterion 1) and low risk to users (Criterion 2). Also addresses IVD accessory analysis and SaMD analysis, with documented rationale for non-classification in each category.

Four Compliance Conditions

Operational conditions that must be maintained at all times to preserve general wellness non-device status

1. All biomarker values are manually entered by you — no automated lab data ingestion, no LabCorp API connections, no Quest integration. ImmuneSpan never accesses your lab report directly.

2. No disease-specific claims in any output, report, or marketing material. All platform outputs use population-relative wellness framing — "your Wellness Age is younger than average" rather than "you have low cardiovascular disease risk."

3. No treatment or prescription recommendations as direct product outputs. Supplement and lifestyle information is framed using published-literature language with mandatory physician-consultation notices.

4. All outputs are framed as educational wellness metrics with physician-consultation disclosures. The IS-REG-001 v2.0 §6 disclosure statements appear on every report, every email, and at account creation.

The Architecture of Non-Reliance

Every design decision in the platform was made to reduce the risk that users substitute ImmuneSpan outputs for qualified medical care

Mandatory Disclosure at Account Creation

Before a user receives any output, they must affirmatively acknowledge that ImmuneSpan is an educational wellness tool, not a medical device or diagnostic. This acknowledgment is stored in the database and is non-skippable.

Animal-Color Archetype Nomenclature

Phenotypes are identified as "Crimson Fox" or "Jade Rabbit," not as clinical categories. The deliberate use of educational, non-clinical nomenclature prevents users from interpreting archetype assignments as medical diagnoses or prognoses.

"Wellness Age" Framing — Not "Biological Age"

The primary output metric is called "Wellness Age" — a population-comparison educational metric — rather than "biological age" or "immune age," which carry clinical connotations and imply diagnostic or prognostic claims.

Research-Language in All Trajectory Content

Every supplement and lifestyle section uses published-literature framing: "the research literature associates omega-3 supplementation with..." rather than "you should take omega-3." This structure signals educational content, not clinical instruction.

Physician-Consultation Notice on Every Output

A standardized physician-consultation disclosure appears on every generated report, every email containing wellness data, and every dashboard view. It is never hidden, minimized, or placed in fine print.

Zero Automated Clinical Integration

ImmuneSpan maintains no API connections to EHR systems, laboratory ordering services, pharmacy databases, or any clinical data infrastructure. The absence of automated clinical data flow is a structural compliance safeguard.

Required Disclosures

IS-REG-001 v2.0 §6 — Standard disclosure language appearing on all platform outputs

IS-REG-001 v2.0 — §6 Mandatory Disclosure Statements
"This Wellness Age is an educational population-comparison metric, not a clinical measurement of biological age."
"Your wellness archetype is an educational engagement category, not a clinical classification."
"Discuss with your healthcare provider before supplementing. ImmuneSpan provides educational wellness information only — these are not treatment recommendations."
"ImmuneSpan provides educational wellness information based on population-referenced biomarker analysis. This is not medical advice and does not constitute a clinical diagnosis. Consult a licensed physician before making any health decisions."

Research Data Governance

Optional Research Network — De-identification Standard, Storage Architecture, and IRB Requirement

De-identification Standard

HIPAA Safe Harbor Method

Research Network de-identification is performed in accordance with the HIPAA Safe Harbor standard (45 CFR §164.514(b)). This requires the removal or transformation of 18 specified identifier categories before a dataset may be considered de-identified. ImmuneSpan applies the following transformations:

  • Names, email addresses, full dates of birth, and exact geographic addresses are permanently destroyed prior to record creation.
  • Geographic data is generalized to the first three digits of the ZIP code only (for three-digit ZIP areas with populations >20,000, per Safe Harbor requirements).
  • Dates of birth are generalized to 5-year age range buckets (e.g., "45–49").
  • User identifiers are replaced with a one-way SHA-256 cryptographic hash (with a secure, non-publicly-disclosed salt). No reverse mapping or lookup table is created or retained.
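
The transformations listed above, sketched as an added Python example (not ImmuneSpan's code). The field names, the allow-list, and the use of HMAC-SHA-256 keyed with the secret salt are assumptions, and the low-population ZIP list is a constructed sample. It goes slightly beyond the bullets by also applying the Safe Harbor "000" rule for sparsely populated ZIP areas and the single 90+ age category.

```python
import hashlib
import hmac
from datetime import date

# Constructed sample: three-digit ZIP areas with 20,000 or fewer residents.
# A real deployment loads this set from current Census data.
LOW_POPULATION_ZIP3 = {"036", "059"}

# Fields released to the research store (hypothetical); anything else is dropped.
ALLOWED_FIELDS = {"biomarkers"}


def zip3(zip_code: str) -> str:
    """First three ZIP digits, or "000" for sparsely populated areas."""
    digits = "".join(c for c in zip_code if c.isdigit())
    if len(digits) < 5:
        return "000"  # malformed input: release nothing geographic
    prefix = digits[:3]
    return "000" if prefix in LOW_POPULATION_ZIP3 else prefix


def age_bucket(dob: date, today: date) -> str:
    """5-year age range; ages 90 and over collapse into one category."""
    had_birthday = (today.month, today.day) >= (dob.month, dob.day)
    age = today.year - dob.year - (0 if had_birthday else 1)
    if age >= 90:
        return "90+"
    low = age - age % 5
    return f"{low}–{low + 4}"


def pseudonym(user_id: str, salt: bytes) -> str:
    """Keyed SHA-256 (HMAC) of the user id; the secret salt is the key."""
    return hmac.new(salt, user_id.encode("utf-8"), hashlib.sha256).hexdigest()


def deidentify(record: dict, salt: bytes, today: date) -> dict:
    """Build a new record from an allow-list so identifiers never copy over."""
    out = {k: record[k] for k in ALLOWED_FIELDS if k in record}
    out["subject"] = pseudonym(record["user_id"], salt)
    out["zip3"] = zip3(record["zip"])
    out["age_range"] = age_bucket(record["dob"], today)
    return out
```

Building the output from an allow-list, rather than deleting known identifier fields from a copy, means a newly added input field cannot leak into the research record by default.
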

Storage Architecture

AWS S3 Encrypted Research Store

De-identified Research Network records are stored in a dedicated AWS S3 bucket with the following security controls:

  • Server-side encryption (SSE-S3) using AES-256 for all objects at rest.
  • Bucket access policies restrict all public access. No public-read permissions are granted at any bucket or object level.
  • IAM role-based access control limits access to the research data store to authorized ImmuneSpan engineering and research operations personnel only.
  • S3 access logging is enabled. All access events are written to a separate, immutable audit log bucket.
  • Physical separation from the primary Supabase customer database. The research data store has no automated connection to or from the production application database.

IRB Requirement — External Research Use

ImmuneSpan commits that no de-identified Research Network data will be transferred to any external party — pharmaceutical, biotech, academic, or otherwise — without a documented Institutional Review Board (IRB) approval covering the specific research protocol under which the data will be used.

This commitment is operationalized through the following governance requirements that are contractually imposed on all research data licensees:

1. Protocol-specific IRB approval required. Data is licensed only for a defined, IRB-approved research protocol. Use of ImmuneSpan data outside the approved protocol is a material breach of the licensing agreement.

2. Re-identification attempts prohibited. All data license agreements include an explicit prohibition on any attempt to re-identify individual records, link records to external datasets for re-identification purposes, or share the dataset with any party not covered by the IRB approval.

3. Population-level publication only. Research findings may be published only at the population level. No individual-level records may appear in any publication, preprint, supplemental material, or public data repository.

4. Dataset return or destruction at conclusion. Licensees must certify destruction or return of all ImmuneSpan data at the conclusion of the approved research period, with written confirmation provided to ImmuneSpan within 30 days of protocol completion.

For questions about the Research Network governance framework or to request information about active research uses of the dataset, contact: research@immunespan.com