Compliance & trust

SOC 2 (Type II in progress)

We are pursuing SOC 2 Type II. [TEAM: confirm timeline before publishing dates.]

HIPAA-ready, BAA available

Bridgekeeper supports your HIPAA compliance program and we can sign a BAA. HIPAA compliance is an organizational status established by a signed BAA — not a software feature.

We protect your data — including from us

Telemetry is opt-in, never silent. By default we capture that an injection was detected and its structural signature — not your content. Raw-prompt sharing is a separate, explicit “contribute to threat research” toggle, with PII redaction before anything leaves the box. Join the community threat-intel network and get better detection in return.

Sub-processors: [TEAM: publish list before launch.] Data residency: self-contained and in-process; works fully air-gapped with local Ollama.

Bridgekeeper for Healthcare →