Compliance & trust

SOC 2 (Type II in progress)

We are actively pursuing our SOC 2 Type II audit. Current status and artifacts are available under NDA.

HIPAA-ready, BAA available

Bridgekeeper supports your HIPAA compliance program and we can sign a BAA. HIPAA compliance is an organizational status established by a signed BAA — not a software feature.

Architectural controls, in-process

Beyond inbound sanitization and outbound DLP, Bridgekeeper enforces the architectural controls regulated buyers ask for — in-process and air-gap capable:

Provenance tracking

Mark system instructions and retrieved content as data, not commands, and track it through the call.

Tool / function-call authorization

Gate privileged tool calls behind out-of-band approval the model can't grant itself.

Outbound / exfiltration controls

Policy over where data is allowed to go, beyond blocking sensitive-content leakage.

Untrusted-content isolation

Structurally isolate untrusted document/RAG content from instruction authority.

We protect your data — including from us

Telemetry is opt-in, never silent. By default we capture that an injection was detected and its structural signature — not your content. Raw-prompt sharing is a separate, explicit “contribute to threat research” toggle, with PII redaction before anything leaves the box. Join the community threat-intel network and get better detection in return.

Sub-processors: Bridgekeeper runs in-process and sends no prompt data to third parties; the current sub-processor list for the maintained protection feed is available on request. Data residency: self-contained and in-process; works fully air-gapped with local Ollama.

Bridgekeeper for Healthcare →