Data Handling & Compliance

HIPAA-grade safeguards. By choice, not by mandate.

Themis is not a covered entity under HIPAA. We built to that standard anyway — because handling medical billing data responsibly should be the default, not the exception.

Our approach

Why we build this way

Most consumer health tools treat compliance as something that applies to hospitals and insurers — not to them. Technically, they're right. Consumer-facing SaaS platforms that don't transmit or store Protected Health Information (PHI) on behalf of a covered entity are generally not subject to HIPAA.

We don't think that's a good enough reason to cut corners.

Themis handles medical bills, insurance EOBs, billing codes, diagnosis references, and financial data. The fact that a regulation doesn't require us to protect that data to the highest standard doesn't mean we shouldn't. So we do.

Architecture

Your documents never leave your device

Themis uses a local-first architecture. When you upload a medical bill or EOB, the document is processed entirely in your browser using IndexedDB — a secure, sandboxed storage built into every modern browser.

What this means in practice:

  • No server-side document storage. Your medical bills and EOBs are never uploaded to, transmitted to, or stored on our servers.
  • No server-side processing. Parsing, reconciliation, discrepancy detection, and analysis all happen locally in your browser.
  • No third-party access. Because your documents never leave your device, no third party — including us — can access them.
  • You control deletion. Clearing your browser data or using Themis's built-in data management tools removes your documents permanently. There's no server backup to worry about.

This architecture eliminates entire categories of data breach risk. If our servers were compromised tomorrow, your medical documents would not be affected — because they were never there.

What we store

Account data we manage

While your medical documents stay local, we do store a limited set of account data on our servers (Supabase, with PostgreSQL and row-level security):

Account metadata

Your name, email address, and profile photo (provided via Google OAuth)

Subscription data

Your plan tier, billing status, and transaction history (managed by Stripe)

Audit logs

Records of significant account actions (login, subscription changes, data export requests, account deletion)

Application preferences

Your accessibility settings (high contrast, large text, reduced motion) and UI preferences

This data is encrypted at rest and in transit. Row-level security (RLS) policies ensure that every database query is scoped to the authenticated user — no user can access another user's data, and no API call can bypass this restriction.

Protection

Encryption everywhere

  • In transit: All communication between your browser and our services uses TLS (Transport Layer Security) encryption. This includes authentication, subscription management, and any future cloud sync features.
  • At rest: Account metadata stored in Supabase is encrypted at rest using AES-256 encryption.
  • Local storage: Your browser's IndexedDB is sandboxed by origin, meaning no other website or application can access Themis's local data. Browser-level encryption depends on your device's security settings and disk encryption.

Authentication

No passwords. Ever.

Themis uses OAuth authentication (Google, with Microsoft coming soon). We do not store passwords, password hashes, security questions, or any other credential material.

This eliminates password-related attack vectors entirely — no brute force attacks, no credential stuffing, no password database to breach. Your authentication security is managed by Google's infrastructure, which includes two-factor authentication, suspicious login detection, and account recovery.

Accountability

Every significant action is logged

Themis maintains audit logs for significant account actions, including:

  • Account creation and login events
  • Subscription changes (upgrades, downgrades, cancellations)
  • Data export requests
  • Account deletion requests
  • Accessibility setting changes

These logs are stored securely, scoped to each user via row-level security, and retained for the duration of the account's existence. They exist to support accountability, troubleshooting, and — if ever needed — compliance verification.
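The per-user row-level security model described in "What we store" and the scoped, retained audit logs described just above can be made concrete in PostgreSQL. The following is an added illustration, not Themis's own schema or policies: the table names, columns and policy names are hypothetical, while `auth.uid()`, the `authenticated` role and the `auth.users` table are Supabase's standard helpers.

```sql
-- Added example (hypothetical schema, not Themis's own): per-user RLS on
-- Supabase/PostgreSQL, with an append-only audit log.

create table public.app_preferences (
  user_id        uuid primary key references auth.users (id) on delete cascade,
  high_contrast  boolean not null default false,
  large_text     boolean not null default false,
  reduced_motion boolean not null default false,
  updated_at     timestamptz not null default now()
);

create table public.audit_logs (
  id         bigint generated always as identity primary key,
  user_id    uuid not null references auth.users (id) on delete cascade,
  action     text not null check (action in (
               'login', 'subscription_change', 'data_export_request',
               'account_deletion_request', 'accessibility_change')),
  created_at timestamptz not null default now()
);

-- RLS is off by default; without these lines every policy below is inert.
alter table public.app_preferences enable row level security;
alter table public.audit_logs      enable row level security;

-- Table owners bypass RLS unless it is forced; forcing it closes that gap
-- for any connection that happens to run as the owning role.
alter table public.app_preferences force row level security;
alter table public.audit_logs      force row level security;

-- Preferences: a user can read and write only their own row.
-- USING filters the rows a statement can see; WITH CHECK rejects writes
-- whose resulting row would belong to someone else (e.g. an UPDATE that
-- rewrites user_id to another account).
create policy prefs_owner_select on public.app_preferences
  for select to authenticated using (auth.uid() = user_id);
create policy prefs_owner_insert on public.app_preferences
  for insert to authenticated with check (auth.uid() = user_id);
create policy prefs_owner_update on public.app_preferences
  for update to authenticated
  using (auth.uid() = user_id) with check (auth.uid() = user_id);
create policy prefs_owner_delete on public.app_preferences
  for delete to authenticated using (auth.uid() = user_id);

-- Audit logs: readable and appendable by the owning user only. There is
-- deliberately no UPDATE or DELETE policy, so those statements match zero
-- rows for an authenticated user and the log stays append-only from the
-- client's side; rows disappear only when the account itself is deleted
-- (the ON DELETE CASCADE above).
create policy audit_owner_select on public.audit_logs
  for select to authenticated using (auth.uid() = user_id);
create policy audit_owner_insert on public.audit_logs
  for insert to authenticated with check (auth.uid() = user_id);

-- Verification, run as an ordinary authenticated user (not service_role):
--   select count(*) from public.audit_logs;   -- counts only the caller's rows
--   delete from public.audit_logs;            -- DELETE 0: no policy permits it
--   update public.app_preferences set user_id = gen_random_uuid();
--                                             -- fails the WITH CHECK clause
```

Two checks worth keeping in a review checklist for this pattern: every table holding user data needs RLS explicitly enabled (a new table without it is readable by any authenticated caller through the auto-generated API), and the Supabase `service_role` key bypasses RLS by design, so it belongs only in trusted server-side code and never in the browser.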

Principle

We collect only what we need

Our data collection follows the principle of minimization:

  • We collect your name and email because authentication requires it.
  • We store your subscription status because billing requires it.
  • We log significant actions because security requires it.
  • We do not collect your medical documents, because our architecture doesn't require it.

If we don't need it, we don't collect it. If we collect it, we protect it. If you want it deleted, we delete it.

Your rights

Your data, your decision

You can request complete deletion of your account and all associated server-side data at any time by emailing support@lonia.ai. We will process your request within 30 days and confirm when deletion is complete.

Locally stored data (medical documents, analysis results, application state in your browser) is under your direct control. You can delete it at any time by clearing your browser data or using the data management tools within Themis.

Regulatory alignment

Standards we align with

HIPAA

Themis is not a covered entity or business associate under HIPAA. However, our local-first architecture, encryption practices, access controls, and audit logging align with HIPAA's Security Rule and Privacy Rule safeguards.

GDPR

Themis practices data minimization, supports right to deletion, provides clear disclosure of data collection, and does not sell or share personal data with third parties.

CCPA

California residents can request access to, deletion of, and information about personal data we collect. We do not sell personal information.

Section 508 / ADA

Themis meets WCAG 2.2 Level AA accessibility standards and aligns with Section 508 and ADA Title III requirements.

Questions

Have compliance questions?

If you're evaluating Themis for use in a regulated environment, or if you have questions about our data handling practices, we're happy to discuss specifics.

Email: support@lonia.ai

Privacy Policy: /privacy

Terms of Service: /terms