ACAI
ProductEvidenceDocsPricing
ACAI

Continuous compliance for AI. Every call scanned, classified, audit-logged, and evidence-ready.

Product

  • AI Layer
  • Sample Reports
  • Pricing
  • Documentation
  • Quickstart
  • Start Free

Company

  • About
  • Talk to an Engineer
  • Security
  • Support

Legal

  • Privacy Policy
  • Terms of Service
Service-Disabled Veteran-Owned Small Business
© 2026 Agile Cloud & AI LLC. All rights reserved.
OverviewQuick StartMigration GuideCompliance Quick StartNext Steps

User Guide

AuthenticationChat CompletionsEmbeddingsTranscriptionModelsGuardrailsRate LimitsError HandlingBYOK / Passthrough

Features

Batch APISemantic CacheRAGPromptsSmart RoutingRealtime APIAudit & Compliance

Developer

ArchitectureSelf-HostingAPI ReferenceInteractive DocsConfigurationContributing
Back to site

Compliance Quick Start

Go from zero to audit-ready in 30 minutes. This runbook walks you through enabling every compliance feature ACAI offers.

Prerequisites

  • An ACAI account (any tier)
  • At least one API key
  • 5 minutes of request history (send a few test requests via the Playground)

Step 1 — Apply a Policy Template~2 min

Policy templates are pre-built compliance configurations that match specific frameworks. Applying one sets up PII detection rules, content safety thresholds, and audit retention in one click.

  1. Go to Dashboard → Compliance
  2. Click Apply Template and choose your framework (HIPAA, SOC 2, or PCI DSS)
  3. Review the pre-filled guardrail settings and confirm
Tip: You can apply multiple templates. Settings merge — the strictest rule wins for each category.

Step 2 — Configure Guardrails~5 min

Guardrails enforce rules on every API request. The policy template pre-fills sensible defaults, but you can tune them.

GuardrailWhat It DoesWhere
PII DetectionDetects and redacts names, SSNs, emails, phone numbers, medical record numbersGuardrails → Config
Content SafetyBlocks hate speech, violence, self-harm, and sexual contentGuardrails → Config
Prompt InjectionDetects attempts to override system prompts or exfiltrate dataGuardrails → Config
Data ClassificationEnforces which data sensitivity levels can flow to which backendsBackends

Step 3 — Verify Audit Logging~3 min

Every request through ACAI is logged with a correlation ID, token counts, policy decisions, and PII scan results. Verify it works:

  1. Send a test request through the Playground
  2. Open Dashboard → Audit Log
  3. Confirm you see the request with its guardrail results, timestamps, and user attribution

Step 4 — Set Cost Controls~2 min

Prevent runaway spend with per-key limits and rate limiting.

  1. Go to API Keys and edit a key
  2. Set a monthly spend limit (e.g., $50/month)
  3. Set rate limits (requests/minute) appropriate for your workload

Step 5 — Generate a Compliance Report~5 min

This is the payoff. Compliance reports compile your guardrail configuration, audit log summaries, and policy enforcement evidence into a format your auditor expects.

  1. Go to Dashboard → Compliance
  2. Click Generate Report
  3. Choose the framework (HIPAA, SOC 2, or PCI DSS) and date range
  4. Download the generated report as JSON or PDF
Tip: Schedule monthly report generation to maintain continuous compliance evidence.

Step 6 — Review the Checklist~3 min

Before handing evidence to your auditor, walk through this checklist:

You're audit-ready.

Generate your first compliance report and download the evidence export.

Go to Compliance DashboardAudit Docs