
Healthcare (EU GDPR) Use Case

European healthcare organizations must comply with GDPR's strict data protection requirements alongside national health data regulations. Keeptrusts policies enforce technical controls for Article 9 special category (health) data, Article 5 data minimization, and Chapter V (Articles 44-49) cross-border transfer restrictions for health-related AI workloads.

Use this page when

  • You are deploying AI in European healthcare organizations where GDPR Article 9 (special category health data), data minimization, and cross-border transfer restrictions apply.
  • You need to enforce EU AI Act high-risk transparency requirements alongside GDPR for health-related AI workloads.
  • You want data routing policies that keep health data within EU jurisdiction and bias monitoring for equitable health AI.

Primary audience

  • Primary: Technical Leaders
  • Secondary: Technical Engineers, AI Agents

Regulatory Requirements

Regulation | Requirement | Keeptrusts Policy
GDPR Art. 9 | Special category data (health) | pii-detector, hipaa-phi-detector
GDPR Art. 5 | Data minimization | pii-detector with redaction
GDPR Art. 44-49 | Cross-border transfers | data-routing-policy
EU AI Act | High-risk AI transparency | human-oversight, bias-monitor
GDPR Art. 35 | DPIA for health AI | audit-logger

Complete Policy Configuration

pack:
  name: healthcare-eu-gdpr
  version: 1.0.0
  enabled: true
policies:
  chain:
    - prompt-injection
    - rbac
    - pii-detector
    - hipaa-phi-detector
    - dlp-filter
    - data-routing-policy
    - bias-monitor
    - human-oversight
    - quality-scorer
    - audit-logger
  policy:
    prompt-injection:
      response:
        action: block
        message: "Request blocked: potential prompt injection detected"
    rbac:
      deny_if_missing:
        - X-User-ID
        - X-User-Role
    pii-detector:
      action: redact
      detect_patterns:
        - name
        - email
        - phone
        - address
        - date_of_birth
        - national_id
        - iban
      redaction:
        marker_format: label
    hipaa-phi-detector:
      mode: hipaa_18
      action: redact
      safe_harbor_method: true
    dlp-filter:
      detect_patterns:
        - '\b[A-Z]{2}[0-9]{8,12}\b'
        - '\b[A-Z]{2}[0-9]{2}[A-Z0-9]{4}[0-9]{7}([A-Z0-9]?){0,16}\b'
      action: redact
    data-routing-policy:
      require_zero_data_retention: true
      require_no_training: false
      on_no_compliant_provider: block
      log_provider_selection: true
    bias-monitor:
      protected_characteristics:
        - gender
        - race
        - age
        - disability
      threshold: 0.85
      action: escalate
    human-oversight:
      require_human_for:
        - diagnosis-suggestion
        - treatment-recommendation
      action: escalate
      confidence_threshold: 0.5
      default_assignee: clinical-review
      timeout_seconds: 1800
    quality-scorer:
      benchmarks:
        coherence: true
        completeness: true
      thresholds:
        min_aggregate: 0.8
        min_coherence: 0.75
        min_completeness: 0.8
      failure_action:
        action: block
    audit-logger:
      immutable: true
      retention_days: 1825
      log_all_access: true
      hipaa_audit_controls: true
providers:
  targets:
    - id: openai-primary
      provider: openai
      model: gpt-4o-mini
      secret_key_ref:
        env: OPENAI_API_KEY
      data_policy:
        zero_data_retention: true
        training_opt_out: true
        retention_days: 0
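The bias-monitor block above names four protected characteristics and a 0.85 threshold but the page does not say which metric that threshold applies to. The following is an added example, not Keeptrusts code, of the kind of check such a monitor runs over model outputs: a selection-rate ratio between the least- and most-favoured group of each characteristic (the classic four-fifths rule, tightened to 0.85). Reading the threshold that way, the SAMPLE records, and the `referred` field as the favourable outcome are all this example's assumptions; race is omitted from the constructed sample to keep it short.

```python
"""Added example (not Keeptrusts code): selection-rate ratio check per protected characteristic.

Assumption: the bias-monitor threshold is the minimum allowed ratio between the lowest and
highest favourable-outcome rate across the groups of one characteristic (four-fifths rule
tightened to 0.85). Any characteristic below it is returned as an escalation.
"""
from collections import defaultdict

THRESHOLD = 0.85  # the page's bias-monitor threshold
PROTECTED = ("gender", "age", "disability")  # the page also lists race; left out of the sample

# Constructed sample: model outputs for 12 patients; a specialist referral is the favourable outcome.
SAMPLE = [
    {"gender": "f", "age": "18-64", "disability": "yes", "referred": True},
    {"gender": "f", "age": "18-64", "disability": "no",  "referred": True},
    {"gender": "f", "age": "18-64", "disability": "yes", "referred": True},
    {"gender": "f", "age": "18-64", "disability": "no",  "referred": True},
    {"gender": "f", "age": "65+",   "disability": "yes", "referred": True},
    {"gender": "f", "age": "65+",   "disability": "no",  "referred": False},
    {"gender": "m", "age": "18-64", "disability": "yes", "referred": True},
    {"gender": "m", "age": "18-64", "disability": "no",  "referred": True},
    {"gender": "m", "age": "18-64", "disability": "yes", "referred": True},
    {"gender": "m", "age": "18-64", "disability": "no",  "referred": True},
    {"gender": "m", "age": "65+",   "disability": "yes", "referred": False},
    {"gender": "m", "age": "65+",   "disability": "no",  "referred": True},
]


def selection_rates(records, characteristic):
    """Share of favourable outcomes for each group of one protected characteristic."""
    favourable, total = defaultdict(int), defaultdict(int)
    for rec in records:
        group = rec[characteristic]
        total[group] += 1
        favourable[group] += int(rec["referred"])
    return {group: favourable[group] / total[group] for group in total}


def impact_ratio(records, characteristic):
    """Lowest group rate divided by the highest; None if there are fewer than two groups
    or nobody at all received the favourable outcome (ratio undefined)."""
    rates = selection_rates(records, characteristic)
    if len(rates) < 2 or max(rates.values()) == 0:
        return None
    return min(rates.values()) / max(rates.values())


def monitor(records, threshold=THRESHOLD):
    """Return (characteristic, ratio) for each characteristic whose ratio is below the
    threshold; each entry is one 'action: escalate' a bias-monitor would raise."""
    escalations = []
    for characteristic in PROTECTED:
        ratio = impact_ratio(records, characteristic)
        if ratio is not None and ratio < threshold:
            escalations.append((characteristic, round(ratio, 2)))
    return escalations


if __name__ == "__main__":
    for characteristic in PROTECTED:
        print(characteristic, selection_rates(SAMPLE, characteristic))
    print("escalate:", monitor(SAMPLE))  # age: 65+ patients referred at half the rate of 18-64
```

On the sample, gender and disability come out at a ratio of 1.0 while age falls to 0.5, so only age escalates. With groups this small a single outcome swings the ratio; a production monitor should require a minimum group size per window before it escalates, or it will page the clinical-review queue on noise.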

EU-Only Provider Configuration

pack:
  name: healthcare-gdpr-providers-2
  version: 1.0.0
  enabled: true
providers:
  targets:
    - id: mistral-eu
      provider: mistral
      model: mistral-large-latest
      secret_key_ref:
        env: MISTRAL_API_KEY
    - id: vertex-eu
      provider: vertex
      model: gemini-2.0-flash
      secret_key_ref:
        env: GOOGLE_APPLICATION_CREDENTIALS
policies:
  chain:
    - audit-logger
  policy:
    audit-logger:
      immutable: true
      retention_days: 365
      log_all_access: true
      hipaa_audit_controls: true

Example Scenarios

Clinician: "Patient Maria Schmidt, DOB 15/03/1985, EHIC DE12345678,
presents with type 2 diabetes. Recommend treatment plan."

→ pii-detector redacts the name, date of birth and health insurance number (matched as national_id)
→ hipaa-phi-detector redacts the diagnosis reference
→ data-routing-policy: verified EU-only provider
→ LLM receives: "Patient [GDPR-REDACTED-name], DOB [GDPR-REDACTED-dob],
EHIC [GDPR-REDACTED-national_id], presents with [PHI-REDACTED].
Recommend treatment plan."

Two things to check before enabling this chain in production. First, the data-routing-policy settings shown in the complete configuration cover retention, training and provider-selection logging; the EU-only outcome comes from the provider targets the policy is deployed with, so pair it with the EU-only provider configuration rather than the openai-primary target. Second, redacting the diagnosis itself leaves the model nothing to plan treatment for; tune hipaa-phi-detector so that direct identifiers are removed while the clinical facts the task depends on survive, and confirm the redacted prompt is still fit for purpose.
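To make the redaction step concrete, here is an added example, not Keeptrusts code, that runs the scenario's prompt through a label-format redactor. The two regexes are the dlp-filter patterns from this page; the IBAN mod-97 checksum validator, the date-of-birth and email rules, and the keyword-based name rule are this example's own additions standing in for the pii-detector's detectors (a real name detector uses NER, not a keyword lookbehind). The sample prompt is constructed and extends the scenario with an IBAN and an e-mail address.

```python
"""Added example (not Keeptrusts code): label-format PII/DLP redaction of a clinical prompt.

Rules run in order; each replaces a hit with [GDPR-REDACTED-<label>] (the page's
marker_format: label) and records (label, original) so the audit trail keeps what was removed.
"""
from __future__ import annotations

import re
from typing import Callable, NamedTuple

MARKER = "[GDPR-REDACTED-{label}]"


class Rule(NamedTuple):
    label: str
    pattern: re.Pattern[str]
    validate: Callable[[str], bool]  # extra check to cut regex false positives


def iban_valid(candidate: str) -> bool:
    """ISO 13616 mod-97 check: move the first four characters to the end, map A-Z to 10-35,
    and the resulting integer must be congruent to 1 modulo 97."""
    s = candidate.replace(" ", "").upper()
    if not 15 <= len(s) <= 34 or not s[:2].isalpha():
        return False
    rearranged = s[4:] + s[:4]
    numeric = "".join(str(ord(ch) - 55) if ch.isalpha() else ch for ch in rearranged)
    return int(numeric) % 97 == 1


def always_ok(_: str) -> bool:
    return True


RULES = [
    # Both regexes are the page's dlp-filter patterns; the IBAN one is paired with a checksum.
    Rule("iban", re.compile(r"\b[A-Z]{2}[0-9]{2}[A-Z0-9]{4}[0-9]{7}([A-Z0-9]?){0,16}\b"), iban_valid),
    Rule("national_id", re.compile(r"\b[A-Z]{2}[0-9]{8,12}\b"), always_ok),
    # Hypothetical stand-ins for pii-detector's date_of_birth and email detectors (dd/mm/yyyy).
    Rule("dob", re.compile(r"\b(0[1-9]|[12][0-9]|3[01])/(0[1-9]|1[0-2])/(19|20)[0-9]{2}\b"), always_ok),
    Rule("email", re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"), always_ok),
    # Crude contextual name match: 'Patient <First> <Last>'. Real deployments use NER.
    Rule("name", re.compile(r"(?<=\bPatient )[A-Z][a-z]+ [A-Z][a-z]+"), always_ok),
]


def redact(text: str) -> tuple[str, list[tuple[str, str]]]:
    """Apply every rule in order; return the redacted text and the findings for the audit log."""
    findings: list[tuple[str, str]] = []
    for rule in RULES:
        def replace(match: re.Match[str], rule: Rule = rule) -> str:
            value = match.group(0)
            if not rule.validate(value):
                return value  # regex hit but checksum failed: left in place, not counted
            findings.append((rule.label, value))
            return MARKER.format(label=rule.label)
        text = rule.pattern.sub(replace, text)
    return text, findings


# Constructed sample prompt modelled on the clinician scenario above.
SAMPLE_PROMPT = ("Patient Maria Schmidt, DOB 15/03/1985, EHIC DE12345678, "
                 "IBAN DE89370400440532013000, email maria.schmidt@example.org, "
                 "presents with type 2 diabetes. Recommend treatment plan.")

if __name__ == "__main__":
    redacted, found = redact(SAMPLE_PROMPT)
    print(redacted)
    for label, value in found:
        print(f"  {label}: {value}")
```

The checksum validator is a false-positive control: a 22-character string that merely looks like an IBAN but fails mod-97 is left untouched. If the deployment's posture is fail-closed (over-redact rather than leak), drop the validator and redact on the regex alone; either way, the findings list is what should land in the audit-logger, not the raw prompt.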

DPIA Support

GDPR Article 35 requires a Data Protection Impact Assessment for processing likely to result in high risk, which covers large-scale processing of special category health data by AI; the EU AI Act layers its own risk-management and record-keeping obligations on high-risk systems. Use Keeptrusts audit logs as evidence for both:

# Export audit data for DPIA review
kt events export \
--from "2024-01-01" \
--to "2024-12-31" \
--policy "pii-detector,bias-monitor,human-oversight" \
--format json \
--output dpia-evidence.json

Provider Recommendations

Use Case | Provider | Reason
EU data residency | Mistral AI | EU-headquartered, data stays in EU
EU cloud | Google Vertex AI (europe-west4) | GCP EU regions
Self-hosted | Ollama / vLLM | Full data control

The vertex-eu target in the EU-only provider configuration above does not name a region; make sure the Vertex target is configured for an EU region such as europe-west4, and confirm with kt events tail --policy data-routing-policy that requests are actually routed to the EU targets.

For AI systems

  • Canonical terms: Keeptrusts EU healthcare governance, GDPR Article 9, data minimization, cross-border transfer restrictions, EU AI Act health AI.
  • Policy pack: healthcare-eu-gdpr with chain: prompt-injection → rbac → pii-detector → hipaa-phi-detector → dlp-filter → data-routing-policy → bias-monitor → human-oversight → quality-scorer → audit-logger.
  • Key policies: pii-detector (GDPR Article 5 data minimization with redaction), hipaa-phi-detector (Article 9 special category health data), data-routing-policy (Articles 44-49 cross-border transfer enforcement), human-oversight (EU AI Act high-risk transparency), bias-monitor (equitable health AI), audit-logger (Article 35 DPIA evidence).
  • CLI: kt gateway run --policy-config ./policy-config.yaml, kt events tail --policy data-routing-policy, kt events tail --policy hipaa-phi-detector.

For engineers

  • Deploy: kt gateway run --policy-config ./policy-config.yaml --port 41002
  • Validate: kt doctor confirms hipaa-phi-detector, data-routing-policy, human-oversight, and bias-monitor are active.
  • Monitor health data: kt events tail --policy hipaa-phi-detector (Article 9 special category redaction).
  • Monitor data sovereignty: kt events tail --policy data-routing-policy (cross-border transfer blocks).
  • Monitor human oversight: kt events tail --policy human-oversight (EU AI Act compliance).
  • Export DPIA evidence: kt export create --format json --filter "policy=audit-logger,bias-monitor,human-oversight"
  • Console: Events (filter by data-routing-policy), Escalations (route to DPO), Audit Log (Article 35 DPIA documentation).

For leaders

  • Addresses GDPR Article 9 (special category health data), Article 5 (data minimization), Articles 44-49 (cross-border transfers), Article 35 (DPIA requirements), and EU AI Act (high-risk health AI).
  • Health data sovereignty enforced technically: AI request data stays within EU jurisdiction, so Chapter V transfer safeguards (adequacy decisions, standard contractual clauses) do not have to be relied on.
  • Special category health data (Article 9) is automatically detected and redacted before reaching any LLM provider.
  • EU AI Act high-risk transparency and oversight requirements supported by mandatory human review of clinical AI decisions.
  • Bias monitoring ensures equitable health AI across patient demographics.
  • Full DPIA evidence trail generated automatically for supervisory authority reviews.

Next steps