Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.regpilot.dev/llms.txt

Use this file to discover all available pages before exploring further.

Compliance Policies

Create custom compliance policies to enforce your organization’s specific requirements beyond standard regulatory frameworks.

What are Policies?

Policies are rules that define:
  • What AI behaviors are allowed/prohibited
  • Data handling requirements
  • Approval workflows
  • Notification triggers
  • Automated remediation actions

Creating Policies

1

Define Policy

const policy = await regpilot.policies.create({
  name: "Customer Data Protection",
  description: "Protect customer PII in AI interactions",
  framework: "gdpr",
  severity: "high"
});
2

Add Rules

await regpilot.policies.addRule(policy.id, {
  type: "data_protection",
  condition: {
    contains: ["email", "phone", "ssn", "credit_card"]
  },
  action: "block",
  message: "Personal data detected and blocked"
});
3

Apply to Models

await regpilot.policies.apply(policy.id, {
  models: ["model_123", "model_456"],
  projects: ["proj_abc"],
  environment: "production"
});

Policy Types

Data Protection

  • PII detection and blocking
  • Data retention limits
  • Cross-border transfer restrictions
  • Consent requirements

Content Moderation

  • Harmful content detection
  • Profanity filtering
  • Misinformation prevention
  • Bias detection

Compliance Rules

  • Framework-specific requirements
  • Industry regulations
  • Company policies
  • Best practices

Approval Workflows

  • Human-in-the-loop requirements
  • Multi-level approvals
  • Risk-based routing
  • Emergency overrides

Rule Conditions

Define when policies apply: 
{
  "conditions": {
    "and": [
      {
        "field": "input.content",
        "operator": "contains",
        "value": ["personal", "confidential"]
      },
      {
        "field": "user.role",
        "operator": "not_equals",
        "value": "admin"
      }
    ]
  }
}

Actions

What happens when a policy is triggered:
Prevent the action and return error

Policy Management

Testing Policies

Test before deploying: 
const testResult = await regpilot.policies.test(policy.id, {
  input: "Please process this credit card: 4111-1111-1111-1111",
  model: "model_123"
});

console.log(testResult.triggered); // true
console.log(testResult.action); // "block"

Policy Analytics

Track policy effectiveness:
  • Trigger frequency
  • False positive rate
  • Response times
  • User impact

Next Steps

Violations

View policy violations

Alerts

Configure policy alerts