Use Nyraxis to meet GDPR, HIPAA, SOC 2, and ISO 27001 requirements for AI systems.

Compliance

Nyraxis provides the governance layer needed to meet regulatory requirements for AI systems.

Requirement	How Nyraxis helps
Article 5 — Data minimization	PII Detection blocks personal data from reaching LLMs
Article 25 — Privacy by design	Enforce mode ensures every call is evaluated
Article 30 — Records of processing	Full audit trail via traces
Article 35 — DPIA	Red Team testing documents risk assessment

Recommended policies

{
  "policies": [
    { "type": "pii_detection", "mode": "blocking", "config": { "hipaa_mode": false } },
    { "type": "secrets_detection", "mode": "blocking" }
  ]
}

HIPAA

Requirement	How Nyraxis helps
PHI protection	PII Detection with HIPAA mode (54 medical entity types)
Access controls	Tool Authorization restricts agent capabilities
Audit controls	Complete trace history with timestamps
Breach notification	Real-time alerts on policy violations

Recommended policies

{
  "policies": [
    { "type": "pii_detection", "mode": "blocking", "config": { "hipaa_mode": true } },
    { "type": "secrets_detection", "mode": "blocking" },
    { "type": "tool_authorization", "mode": "blocking" }
  ]
}

SOC 2

Trust principle	How Nyraxis helps
Security	Prompt injection + jailbreak detection
Availability	Fail-open/fail-closed configuration
Processing integrity	Hallucination detection validates outputs
Confidentiality	PII + secrets detection prevents data leakage
Privacy	Full data lineage via traces

ISO 27001

Control	How Nyraxis helps
A.8.11 — Data masking	PII Detection identifies data to mask
A.8.16 — Monitoring	Real-time violation dashboards
A.5.34 — Privacy	Policy enforcement on all AI interactions

Audit trail

Every evaluation is logged with:

Timestamp (UTC)
Input/output text evaluated
Policies checked
Violations found (with severity and details)
Latency
Agent ID
Decision (allowed/blocked)

Export traces via the dashboard: Dashboard → Reports → Download CSV.

Compliance

On this page