Compliance & Governance
Responsible AI, data security, and regulatory alignment.
Responsible AI
Human Oversight
All findings are advisory. A qualified person within the organisation makes the final compliance decision.
Explainability
Each risk flag references the specific regulation or rule that triggered it.
High Recall
The system is optimised to surface potential risks rather than miss them, supporting thorough review.
Privacy First
Data privacy is built into the platform architecture, not applied as an afterthought.
Data Handling & Security
UK-Hosted Infrastructure
Data processing options available within UK-based infrastructure. Cross-border transfers only where explicitly authorised.
Encryption
Data encrypted at rest (AES-256) and in transit (TLS 1.3) with strict key management protocols.
Data Retention
Source documents are processed and not permanently stored unless the organisation opts into the archival service.
Access Control
Role-based access control (RBAC) ensures only authorised personnel can view reports and audit logs.
Regulatory Alignment
UK GDPR & Data Protection Act 2018
Supports identification of personal data and data minimisation principles.
NHS DSP Toolkit
Aligned with NHS Digital Data Security Standards for secure data handling.
CQC Fundamental Standards
Supports the 'Well-led' key question by providing structured governance evidence.