Skip to main content

Compliance Package Index

A DPO-facing index into the existing safety doc tree, organised by regulatory regime. This page is a navigator — it does not restate the artifacts; it points at them at the article level so a risk officer can read directly to the section they need to evaluate.

For deeper engineering material: see Voice Stack Compendium §5 — Safety and compliance. For competitive positioning on compliance: see SOTA Positioning Matrix §2.6.

Per-regulation index

The artifacts cited from this index live in version control under docusaurus/zol-documentation/docs/safety/. The last_verified date in each artifact's front-matter is the canonical "this was checked on" timestamp. Where a regulation requires a per-deployment artifact (e.g. a DPIA), it is on file and named directly. Where a regulation provides a cross-vendor reference framework (e.g. ISO 27001), the alignment posture is named together with whether certification is held.

GDPR — Regulation (EU) 2016/679

The canonical text is cited as @gdpr_regulation.

ArticleWhat we addressWhere it lives
Art. 5(1)(a–f) PrinciplesLawful basis, purpose limitation, data minimisation, accuracy, storage limitation, integrity-and-confidentialitysafety/dpia §2 Necessity and proportionality; safety/data-retention-policy (storage-limitation expression)
Art. 6(1) Lawful basisLegitimate interest (Art. 6(1)(f)) for query processing; legal obligation (Art. 6(1)(c)) for audit loggingsafety/dpia §2.1; safety/data-retention-policy per-row lawful-basis column
Art. 9 Special-category dataVoice-call audio is not retained; only redacted transcripts persist (Art. 5(1)(c) data-minimisation by design)safety/data-retention-policy "Voice call audio: NOT STORED"
Art. 13–14 Information rightsPrivacy notice on hospital website; AI-system-identity disclosure under AI Act Art. 50safety/dpia §4
Art. 15 Right of accessConversation history available via authenticated session; admin export endpointsafety/dpia §4
Art. 17 Right to erasureDELETE /api/v1/gdpr/users/{user_id}/data cascades through app.conversations, app.conversation_messages, app.feedback, app.analytics_events, audit.logs, audit.data_access_logssafety/dpia §4; safety/data-retention-policy "Manual Lifecycle" diagram; backend/app/api/gdpr.py
Art. 17(3)(e) Audit-log retention exceptionAudit logs retained 90 days for security-monitoring legal obligation under Art. 6(1)(c)safety/data-retention-policy audit-log row
Art. 20 Data portabilityJSON conversation exportsafety/dpia §4
Art. 22 Automated decision-makingIntent classification is automated but does not produce legal effects or similarly significantly affect — blocked queries receive a helpful redirect, not a denial of servicesafety/dpia §4 Art. 22 row
Art. 28 Subprocessor obligationsOpenAI DPA in force; Twilio, Deepgram, ElevenLabs are subprocessors of record under operational DPA frameworksafety/dpia §5.2; Voice Stack Compendium §1, §2
Art. 32 Technical and organisational measuresTLS 1.2+ in transit, SIPS for telephony, PostgreSQL volume encryption at rest, Keycloak OIDC access control, structured audit loggingsafety/dpia §5; safety/security
Art. 35 Data Protection Impact AssessmentDPIA on file — full Article-by-Article mapping, residual-risk register, mitigationssafety/dpia
Recital 71 Algorithmic fairnessMultilingual support (nl/en/fr/it production-validated; additional patient-language fallbacks); helpdesk fallback always availablesafety/dpia §3 R6; voice/language-locking

EU AI Act — Regulation (EU) 2024/1689

The canonical text is cited as @ai_act_regulation. Trustworthy-AI ethics framing is from the EU HLEG (@hleg2019trustworthyai).

ArticleWhat we addressWhere it lives
Art. 5 Unacceptable-risk practicesNot in scope (no social scoring, no real-time biometric ID, no manipulation)safety/ai-act-compliance §1.1
Art. 6 + Annex III High-risk classificationAnalysed and rejected — system is an information-retrieval tool, not clinical decision support; not a safety component in healthcare management; not an MDR medical devicesafety/ai-act-compliance §1.2
Art. 50 Limited-risk transparencyLimited-risk classification on file — system identifies itself as AI-powered search; AI-generated content disclosuresafety/ai-act-compliance §1.3, §2.1
Scope-limit warningIf future scope creeps into clinical decision support (symptom triage, treatment recommendations, diagnostic assistance), the system becomes high-risk and requires full conformity assessment with CE markingsafety/ai-act-compliance §1.2 warning callout

MDR — Regulation (EU) 2017/745

The canonical text is cited as @mdr_regulation.

The system is NOT an MDR medical device. It is an information-retrieval tool, not clinical decision support. The negative-classification rationale is captured at safety/ai-act-compliance §1.2. The architecture is shaped by this negative scope as much as by the positive scope (Compendium §1) — we do not provide diagnoses, recommend dosages or treatments, schedule clinical care, or transcribe consultations. The Voice Stack Compendium documents the medical-device adjacency explicitly so future-feature decisions can be evaluated against the MDR boundary before they cross it.

ISO/IEC 27001:2022 and ISO/IEC 27018:2019

The canonical references are @iso27001_2022 and @iso27018_2019.

The posture is alignment without certification — controls are oriented to ISO/IEC 27001:2022, certification is not currently held. The alignment is captured at safety/dpia §5.2 and at safety/security. ISO/IEC 27018:2019 is the cross-vendor reference for personally-identifiable-information protection in cloud processors and is cited where subprocessor risks are discussed (SOTA §2.6).

HIPAA Safe Harbor (US reference)

The canonical reference is @hipaa_safe_harbor. HIPAA is a US framework and is not directly applicable to this Belgian deployment. It is named here because three healthcare-specific vendors in SOTA §2.6 (Suki, DeepScribe, Abridge) are HIPAA-compliant clinician scribes — buyers cross-evaluating those should know GDPR and HIPAA are different regimes addressing the same concerns from different doctrinal starting points.

Subprocessor list and Art. 28 framework

Per GDPR Art. 28, processors that handle personal data on behalf of the controller must operate under a documented Data Processing Agreement.

SubprocessorServiceData classDPA status
OpenAILLM (gpt-4.1-mini, GPT-4.1) and embeddings (text-embedding-3-large)User queries, embeddingsOpenAI Data Processing Addendum in force (safety/dpia §5.2)
DeepgramStreaming speech-to-text (Nova-3)Caller audio (transient — not persisted by us; vendor retention per Deepgram DPA)Vendor DPA framework; SOTA §2.6
ElevenLabsText-to-speech (Multilingual v2)Outbound text (no PII by design — answer-shaper output)Vendor DPA framework
TwilioElastic SIP Trunk for PSTN bridgingCaller phone number, signalling metadataVendor DPA framework; Voice Stack Compendium §2 Layer 0

A DPO cross-walk should ask each subprocessor for: in-force DPA framework, data-residency posture, breach-notification timeline. Vendor-specific cells live in SOTA §2.6 at marketing depth.

ADR lineage of the safety architecture

Architecture Decision Records that govern the safety story, with dates per the ADR register:

ADRWhat it decidesDate
ADR-0036Adversarial-input hardening (perplexity-based anomaly detection at less than 5 ms before any LLM call)See ADR series
ADR-0049Thin voice architecture — retire 8-stage VoiceOrchestratorSee ADR series
ADR-0051Agentic-only voice orchestrator — single GPT-4.1 agent with three toolsSee ADR series
ADR-0052Voice language locking at first utterance (Flemish accuracy preservation)See ADR series
ADR-0050Twilio + LiveKit SIP integration runbookSee ADR series

Full ADR list (50 ADRs at thesis snapshot per thesis Table 1.1) is in the Architecture Decisions sidebar.

Audit-log retention policy

The full schedule is at safety/data-retention-policy. One-paragraph summary: audit logs (audit.logs, audit.data_access_logs) are retained for 90 days under Art. 6(1)(c) and Art. 32, with automated expiry. Voice transcripts are written redacted (per voice_pii_redaction.py) into the same 90-day-retention class. Voice audio is not retained at all — Art. 5(1)(c) data-minimisation by design. Conversations are session-based with hard delete on user-account removal via the GDPR endpoint.

Incident-response process

The DPIA documents incident response at safety/dpia §5.2 (Security incident response procedure: documented in deployment runbook). The runbook lives outside the doc-site at the deployment root and is reviewed alongside this index for each pilot iteration. A buyer's risk officer evaluating this row should ask for the runbook directly.

Where to find the per-call audit trail

Three layers of audit trail land per call:

  1. Conversation historyapp.conversation_messages carries the human-readable record (caller utterance, agent answer, timestamp, language, conversational intent, citations). Available to admins via the /feedback admin transcript page.
  2. Pipeline telemetrypipeline_telemetry (and category_mismatch_telemetry since migration 066) carries the operational signal per turn (per-stage latency, retrieval cardinality, intent class, primary content category, category-mismatch rate). Surfaced on the Operations dashboard.
  3. Security audit logaudit.logs and audit.data_access_logs carry security-relevant events (auth, safety blocks, PII detections, GDPR deletions). 90-day retention; queries via SQL or admin endpoint.

A reviewer who wants to read a specific call: capture the conversation_id from the admin transcript, then read its rows across the three tables.

Closing the index — the four cells SOTA highlights

The cells our row populates in SOTA §2.6 Compliance: GDPR Art. 35 DPIA on file (safety/dpia); AI Act Art. 50 limited-risk classification on file (safety/ai-act-compliance); multi-language voice PII redaction (safety/pii-protection); self-hosted with subprocessors-of-record only (Compendium §1). Most competitor cells read "not publicly documented" — not because they are non-compliant, but because compliance artifacts are typically per-deployment work product. Ask each vendor for their equivalent.