Compliance
Compliant AI tools, by framework
Filter the AI Tool Risk Directory by the control you actually need to satisfy. Each list is computed from the same sourced facts as the tool profiles, so it never drifts.
By framework
HIPAA-compliant AI tools
25AI tools whose vendor will sign a Business Associate Agreement (BAA), the baseline for handling protected health information (PHI) in the US. Usually available on an enterprise tier only.
GDPR-ready AI tools
51AI tools that offer a Data Processing Agreement (DPA), the control EU and UK teams need before an AI vendor processes personal data on their behalf.
SOC 2 AI tools
52AI tools with a SOC 2 report: independent assurance over their security, availability and confidentiality controls. The baseline most B2B security reviews expect.
ISO 27001 certified AI tools
37AI tools certified against ISO/IEC 27001, the international information-security management standard.
AI tools that do not train on your data
24AI tools that do not train their models on your content by default. The single most important control for keeping confidential work out of a vendor's training set.