Velantis

Security & Compliance

Built for the regulatory bar healthcare AI actually has to clear.

High-risk mappings cannot auto-deploy regardless of AI confidence. That is a deliberate ceiling on AI authority: a risk classifier assigns the tier, a named human approver must sign off, and both the classification and the approver are recorded in the audit trail.

Compliance posture

HIPAA

Designed to operate under a Business Associate Agreement (BAA). Every PHI touchpoint is logged with actor, resource, and a hash of the payload. Minimum-necessary access is enforced through channel-level scoping.

SOC 2 Type II

Annual Type II attestation report targeted. Control evidence is generated directly from the audit stream, so evidence collection is continuous rather than point-in-time.

GDPR

Data-subject access and erasure requests are implemented at the channel data-store level. PII/PHI is tagged at ingestion, so erasure requests run against the tagged fields rather than full-table scans.

EU AI Act

Architecture designed around the obligations for "high-risk" AI systems: documented model provenance, auditable deterministic orchestration, human-in-the-loop gates, and full incident logging.

State regulations

Data classification and the audit trail satisfy the stricter state regimes (CCPA/CMIA, NY SHIELD) without per-tenant customization.

ISO 27001 / HITRUST CSF

On the roadmap, alongside the on-premises HITRUST CSF deployment track.

Security architecture

Identity & access

  • Enterprise SSO via SAML 2.0, OIDC, LDAP/AD through Keycloak
  • JWT-based authorization at every API gateway and service boundary
  • Five built-in roles plus custom role builder; channel-level access scoping
  • MFA required for privileged roles

Data protection

  • TLS 1.2+ on every network hop, including mutual TLS service-to-service
  • AES-256 encryption at rest across PostgreSQL, Redis, Kafka, S3
  • PHI field-level tagging with redaction in logs and AI-agent prompts
  • Key management via cloud KMS or HashiCorp Vault on-premises

LLM-specific privacy

  • Zero-retention provider contracts for external LLMs
  • Prompt-level PHI scrubbing before any external LLM call
  • Self-hosted LLM option (Llama, Mistral) for perimeter-locked customers
  • No training on customer PHI — fine-tuning is tenant-scoped and opt-in
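Prompt-level scrubbing as an added example in Python (not Velantis code): fields tagged at ingestion are swapped for placeholders, untagged free text is swept for the same values (the case a field-only redactor misses), the outbound prompt is refused if any tagged value survives, and the model's reply is rehydrated locally. The record, the tag names, the placeholder format and the template are assumptions constructed for this illustration.

```python
"""PHI scrubbing before an external LLM call (added example, not Velantis code).

Fields are tagged at ingestion; tagged values are replaced by stable placeholder
tokens before any prompt (or log line) leaves the trust boundary, and the
placeholders are mapped back to the real values only on the way in.
"""
from __future__ import annotations
import re

PHI = "phi"  # classification tag assumed for this example

# Constructed sample: an ingested record with per-field tags. The free-text
# "note" is untagged but repeats the patient's name and MRN, which is the case a
# field-only redactor misses.
RECORD = {
    "name": "Jane Q. Example",
    "mrn": "MRN-00421",
    "dob": "1975-03-09",
    "note": "Jane Q. Example reports chest pain since 03:00; MRN-00421 on file.",
    "encounter_type": "ED",
}
TAGS = {"name": PHI, "mrn": PHI, "dob": PHI, "note": "free_text", "encounter_type": "none"}


def scrub(record: dict, tags: dict) -> tuple[dict, dict]:
    """Return (safe_record, vault); vault maps placeholder -> original value."""
    vault: dict[str, str] = {}
    safe: dict[str, str] = {}
    # Pass 1: tagged fields become placeholders.
    for name, value in record.items():
        if tags.get(name) == PHI:
            token = f"<{name.upper()}>"
            vault[token] = str(value)
            safe[name] = token
        else:
            safe[name] = str(value)
    # Pass 2: untagged text may repeat a tagged value (names in clinical notes);
    # replace longest values first so a long value is not split by a shorter one.
    for token, original in sorted(vault.items(), key=lambda kv: -len(kv[1])):
        pattern = re.compile(re.escape(original), re.IGNORECASE)
        for name in safe:
            if tags.get(name) != PHI:
                safe[name] = pattern.sub(token, safe[name])
    return safe, vault


def outbound_prompt(template: str, record: dict, tags: dict) -> tuple[str, dict]:
    """Render the prompt from the scrubbed record and refuse to emit it if any
    vaulted value survives (defense in depth against template mistakes)."""
    safe, vault = scrub(record, tags)
    prompt = template.format(**safe)
    leaked = [v for v in vault.values() if v.lower() in prompt.lower()]
    if leaked:
        raise ValueError(f"refusing external call: {len(leaked)} PHI value(s) in prompt")
    return prompt, vault


def rehydrate(text: str, vault: dict) -> str:
    """Map placeholders in the model's reply back to real values, locally only."""
    for token, original in vault.items():
        text = text.replace(token, original)
    return text


TEMPLATE = (
    "Patient {name} (MRN {mrn}, DOB {dob}), encounter {encounter_type}.\n"
    "Triage note: {note}\nSummarise the presenting complaint in one sentence."
)

if __name__ == "__main__":
    prompt, vault = outbound_prompt(TEMPLATE, RECORD, TAGS)
    print(prompt)
    # Stand-in for the external model's reply, using the placeholders it saw.
    reply = "<NAME> presents with chest pain of about 3 hours' duration."
    print(rehydrate(reply, vault))
```

The same `scrub()` output is what a log sink should receive; the vault never leaves the process that owns the record.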

Audit & operations

  • Append-only, cryptographically chained audit trail
  • SIEM integration (Splunk, Sentinel, Elastic) via standardized event streams
  • Automated alerting on privilege escalation and bulk PHI access
  • Signed, vulnerability-scanned container images with SLSA build-provenance attestations
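The chained trail and the bulk-access alert above, as an added example in Python (not Velantis code): each entry carries actor, action, resource and a payload hash, each entry's hash covers the previous entry's hash, `verify()` reports the first broken link, and `bulk_phi_alerts()` runs a per-actor sliding window over the same entries. The field names, the 300-second window, the 20-patient threshold and the sample events are assumptions constructed for this illustration.

```python
"""Append-only, hash-chained audit trail with a tamper check and a bulk-PHI-access
alert. Added example, not Velantis code; field names and thresholds are assumptions."""
from __future__ import annotations
import hashlib
import json
from collections import Counter, defaultdict
from typing import Optional

GENESIS = "0" * 64


def canonical_sha256(obj) -> str:
    """SHA-256 over canonical JSON so the same content always hashes the same."""
    return hashlib.sha256(
        json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    ).hexdigest()


def entry_hash(entry: dict) -> str:
    """Hash of every field except the hash itself; 'prev' is inside, so each
    entry commits to the whole chain before it."""
    return canonical_sha256({k: v for k, v in entry.items() if k != "hash"})


class AuditTrail:
    """In-memory stand-in for an append-only store: no update or delete API."""

    def __init__(self):
        self.entries: list[dict] = []

    def append(self, ts: int, actor: str, action: str, resource: str, payload) -> dict:
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        entry = {
            "seq": len(self.entries), "ts": ts, "actor": actor, "action": action,
            "resource": resource,
            "payload_sha256": canonical_sha256(payload),  # hash, never the PHI itself
            "prev": prev,
        }
        entry["hash"] = entry_hash(entry)
        self.entries.append(entry)
        return entry

    def verify(self) -> Optional[int]:
        """Return the seq of the first broken link, or None if the chain is intact."""
        prev = GENESIS
        for i, e in enumerate(self.entries):
            if e["seq"] != i or e["prev"] != prev or entry_hash(e) != e["hash"]:
                return i
            prev = e["hash"]
        return None


def bulk_phi_alerts(entries, window_s: int = 300, threshold: int = 20) -> list[dict]:
    """Per actor, count distinct PHI resources read inside a sliding window and
    raise one alert per actor the first time the count exceeds the threshold."""
    by_actor = defaultdict(list)
    for e in entries:
        if e["action"] == "phi.read":
            by_actor[e["actor"]].append(e)
    alerts = []
    for actor, evs in by_actor.items():
        evs.sort(key=lambda e: e["ts"])
        in_window, lo = Counter(), 0
        for e in evs:
            in_window[e["resource"]] += 1
            while e["ts"] - evs[lo]["ts"] > window_s:   # slide the window forward
                old = evs[lo]["resource"]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                lo += 1
            if len(in_window) > threshold:
                alerts.append({"actor": actor, "distinct_patients": len(in_window), "ts": e["ts"]})
                break
    return alerts


def build_sample_trail() -> AuditTrail:
    """Constructed data: a clinician reading her own three patients over ten
    minutes, and a service account sweeping 25 charts in under a minute."""
    trail = AuditTrail()
    for i in range(3):
        trail.append(1_700_000_000 + i * 200, "dr.lee", "phi.read",
                     f"patient/{1000 + i}", {"fields": ["name", "meds"]})
    for i in range(25):
        trail.append(1_700_001_000 + i * 2, "svc-export", "phi.read",
                     f"patient/{2000 + i}", {"fields": ["name", "dob", "diagnosis"]})
    return trail


if __name__ == "__main__":
    trail = build_sample_trail()
    print("chain intact:", trail.verify() is None)
    print("alerts:", bulk_phi_alerts(trail.entries))
    trail.entries[5]["resource"] = "patient/9999"   # simulated after-the-fact edit
    print("first bad seq:", trail.verify())
```

In production the chain head would be anchored outside the store (a signed checkpoint or an external timestamp) so that rewriting the whole chain is also detectable; the in-memory class only shows the per-entry linkage.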

Three deliberate ethical commitments

Human-in-the-loop by default

Clinical-risk mappings cannot auto-deploy regardless of AI confidence.
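The gate as an added Python example (not Velantis code): the risk classifier decides the tier from what the mapping writes to, the high-risk path never reads the confidence score, and every decision, including the approver's name, goes into an audit list. The HL7 targets treated as high-risk, the clinical_approver role, the author-cannot-self-approve rule and the 0.95 auto-deploy floor for standard-risk mappings are assumptions made for illustration.

```python
"""Deploy gate that separates risk tier from model confidence. Added example,
not Velantis code; the HL7 target set, the role name and the confidence floor are
assumptions made for illustration."""
from __future__ import annotations
from dataclasses import dataclass
from typing import Optional

# Assumed rule: writing to these HL7 v2 targets is clinically consequential
# (medication/vaccine administration, pharmacy orders, allergies, result values).
HIGH_RISK_TARGETS = frozenset({"RXA", "RXE", "AL1", "OBX.5"})
APPROVER_ROLE = "clinical_approver"   # assumed name of the approving role
AUTO_DEPLOY_FLOOR = 0.95              # assumed floor for standard-risk auto-deploy


@dataclass(frozen=True)
class Mapping:
    mapping_id: str
    author: str            # user or agent that proposed the mapping
    ai_confidence: float   # calibrated score in [0, 1]
    targets: frozenset     # HL7 segments/fields the mapping writes


@dataclass(frozen=True)
class Approval:
    approver: str
    role: str
    decision: str          # "approve" or "reject"


def classify_risk(m: Mapping) -> str:
    return "high" if m.targets & HIGH_RISK_TARGETS else "standard"


def deploy_decision(m: Mapping, approval: Optional[Approval], audit: list) -> bool:
    """Return True if the mapping may deploy; always record the reason in `audit`."""
    risk = classify_risk(m)
    if risk == "high":
        # The confidence score is deliberately never consulted on this path.
        if approval is None or approval.decision != "approve":
            outcome, reason = "blocked", "high-risk mapping requires a named approver"
        elif approval.role != APPROVER_ROLE:
            outcome, reason = "blocked", f"approver lacks {APPROVER_ROLE} role"
        elif approval.approver == m.author:
            outcome, reason = "blocked", "author may not approve own mapping"
        else:
            outcome, reason = "deployed", f"approved by {approval.approver}"
    elif m.ai_confidence >= AUTO_DEPLOY_FLOOR:
        outcome, reason = "deployed", "auto: standard risk, confidence above floor"
    elif approval is not None and approval.decision == "approve":
        outcome, reason = "deployed", f"approved by {approval.approver}"
    else:
        outcome, reason = "blocked", "standard risk below confidence floor; needs review"

    audit.append({
        "mapping_id": m.mapping_id, "risk": risk, "ai_confidence": m.ai_confidence,
        "approver": approval.approver if approval else None,
        "outcome": outcome, "reason": reason,
    })
    return outcome == "deployed"


def run_samples() -> list:
    """Constructed cases: a near-certain high-risk mapping stays blocked until a
    qualified, independent approver signs off; a demographic mapping auto-deploys."""
    audit: list = []
    med = Mapping("map-01", "agent-7", 0.999, frozenset({"PID.3", "RXE"}))
    demo = Mapping("map-02", "agent-7", 0.97, frozenset({"PID.3", "PV1.2"}))
    deploy_decision(med, None, audit)                                            # blocked
    deploy_decision(med, Approval("agent-7", APPROVER_ROLE, "approve"), audit)   # blocked: self-approval
    deploy_decision(med, Approval("dr.patel", APPROVER_ROLE, "approve"), audit)  # deployed
    deploy_decision(demo, None, audit)                                           # auto-deployed
    return audit


if __name__ == "__main__":
    for row in run_samples():
        print(row["mapping_id"], row["risk"], row["outcome"], row["reason"], sep=" | ")
```

The audit rows produced here are what would be appended to the chained trail; the point of the structure is that a reviewer can later see both that the classifier said "high" and which person accepted that risk.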

Confidence transparency, not marketing

Calibrated, not optimistic, confidence scores — we reject UX that encourages ignoring low-confidence warnings.

Built to be replaceable

Channels are portable because their contract is an HL7 standard, not a proprietary model — it's in our interest to keep earning the seat.