Appearance
Compliance Overview
GateFlow provides comprehensive compliance features for regulated industries.
Supported Frameworks
| Framework | Features |
|---|---|
| HIPAA | PHI handling, BAA, audit logs |
| GDPR | Data residency, right to erasure, consent |
| SOC 2 | Security controls, audit trails |
| EU AI Act | Risk classification, human oversight |
| Legal Hold | Litigation preservation |
Core Capabilities
Audit Trail
Every action logged with immutable hash chain:
json
{
"event_id": "evt_123",
"timestamp": "2024-01-15T10:30:00Z",
"action": "document.accessed",
"actor": "user_456",
"hash": "sha256:abc123...",
"previous_hash": "sha256:xyz789..."
}Access Controls
Role-based access with classification levels:
- Define who can access what data
- Automatic enforcement at query time
- Full audit of access attempts
Data Handling
- PII/PHI detection and handling
- Encryption at rest and in transit
- Data residency controls
- Retention policies
Quick Setup
Enable HIPAA Mode
bash
curl -X PATCH https://api.gateflow.ai/v1/management/organization/compliance \
-H "Authorization: Bearer gw_prod_..." \
-H "Content-Type: application/json" \
-d '{
"hipaa": {
"enabled": true,
"baa_signed": true
}
}'Enable GDPR Mode
bash
curl -X PATCH https://api.gateflow.ai/v1/management/organization/compliance \
-H "Authorization: Bearer gw_prod_..." \
-H "Content-Type: application/json" \
-d '{
"gdpr": {
"enabled": true,
"data_residency": "eu"
}
}'Next Steps
- Audit Trail - Logging details
- Regimes - Framework specifics
- Reports - Compliance reports