Security & Compliance Articles
15 articles · Page 1 of 2
Build a Save-Desk Voice Agent That Won't Get You Sued
FTC click-to-cancel was vacated. State laws still bite. The cancel-first architecture, one-shot offers, and audit trail for a save-desk voice agent.
How to Build a Healthcare Appointment Voice Agent (FHIR, 270/271, HIPAA)
Most voice AI tutorials stop after hello. The real build: identity verification, FHIR slots, 270/271 eligibility, A2P SMS, escalation, with HIPAA gates intact.
Building an AI Nurse Line Without Practicing Medicine
Health systems pay $20-30 per nurse-line call. AI is the obvious cost play, but every triage agent raises a malpractice question. Here's the safe architecture.
Build a KYC Voice Agent: 4-Minute Account Open, 5-Year Audit Log
Voice collects name, DOB, SSN. SMS hands the camera the rest. OFAC screens before the next word. Architecture of a KYC voice agent that survives a BSA exam.
Build a Pharmacy Refill Voice Agent (NCPDP, DEA, 60-Second Refill)
Build a voice AI for prescription refills that respects DEA Schedule II, handles NCPDP refill-too-soon rejections, and routes the right calls to humans.
GDPR says delete. EU AI Act says keep. Now what?
GDPR requires deletion on request. The EU AI Act requires 10-year audit trails. Here's how to architect agent memory that satisfies both simultaneously.
Your AI Agent Has No Guardrails
Air Canada honored a refund its chatbot hallucinated. DPD's bot cursed at customers on camera. One e-commerce agent approved $2.3M in unauthorized refunds at 2:47 AM. Here is the five-layer guardrail architecture that prevents all three.
Every Tool Is an Injection Surface
Prompt injection moved from chat to tool calls. Anthropic, OpenAI, and Arcjet shipped defenses in the same month. Here's what changed, what works, and what your agent architecture needs now.
71% of organizations aren't prepared to secure their AI agents' tools
MCP gives AI agents autonomous access to real systems — and introduces attack vectors that traditional security can't see. A technical breakdown of tool poisoning, rug pulls, cross-server shadowing, and the defense framework production teams need now.
Your AI agent remembers everything — should your customers be worried?
Privacy-first memory design for AI agents: what to store, what to forget, how to give customers control, and how to stay compliant across GDPR, HIPAA, and multi-channel deployments.
Voice AI in Regulated Industries: How to Pass an Audit without Breaking a Sweat
Industry research shows that 70-75% of enterprises struggle with AI compliance in regulated industries, leading to audit failures and regulatory penalties. Discover how to build voice AI systems that pass audits with confidence.
Agentic AI Liability: Who's Responsible for What When Things Go Wrong?
Industry research shows that 80-85% of enterprises lack clear liability frameworks for agentic AI failures. Discover how to establish responsibility structures that protect your organization while enabling AI innovation.
The Signal Briefing
One email a week. How leading CS, revenue, and AI teams are turning conversations into decisions. Benchmarks, playbooks, and what's working in production.
