Docs / Compliance posture
Compliance posture
We list this page because trust is built on what we do not claim, not only what we do. If you are evaluating LogiRoot for a regulated deployment, this page is the canonical statement of scope today.
What LogiRoot does today
- Evaluates AI tool calls against a configurable policy framework at runtime, returning APPROVE / REJECT / ESCALATE.
- Persists per-decision compliance receipts that your audit and governance teams can review.
- Generates audit trails suitable for internal review and external regulator review.
- Works alongside the LLM providers you already use, without requiring model retraining.
- Encrypts data in transit and at rest. Authenticates all API access.
What we are working toward
- Formal third-party security attestation (SOC 2 Type 1 in progress).
- HIPAA-ready deployment configuration with Business Associate Agreement for healthcare customers.
- Native adapters for additional cloud-hosted foundation model platforms.
- Per-vertical policy modules (healthcare, financial services, public sector).
What we explicitly do not claim today
For each item below, the absence of a claim is intentional and time-bounded:
- We do not currently claim certification under any specific named regulatory framework (e.g. EU AI Act article-level conformance, HIPAA, FedRAMP, SOC 2 Type 2, ISO 42001). Where we use phrases like “designed for governance and oversight,” we mean exactly that — designed for, not certified to.
- We do not currently claim algorithm-level cryptographic guarantees on this page. Specific signing primitives are documented in our security whitepaper, available under NDA.
- We do not currently make specific quantitative latency or throughput claims on the public marketplace listing pending primary-source measurement of the production system.
Customer due diligence
For procurement reviews, security questionnaires, or counsel conversations, email support@logirootai.com with the framework or control set you are evaluating against. We respond with the current state of evidence, not aspirational marketing.