Built for your vertical
Select your industry. AiT Hosted Agents applies the right compliance frameworks, DLP rules, and BAA addenda automatically at onboarding.
Healthcare
PHI is blocked at the DLP layer before any output leaves the tenant environment. Every agent interaction is logged with tamper-evident SHA-256 hashes. Fully executed BAA required at signup. Input and output content is never retained in the audit record.
Relevant agents
- Compliance Evidence Collector — auditor-grade evidence packs for HIPAA controls
- Helpdesk Tier-1 Triage — KB-grounded ticket classification with PHI-safe routing
- Audit-Trail Narrator — accounting of disclosures in plain English
Behavioral Health
The highest compliance tier. PHI is blocked identically to Healthcare. Additionally, the 42 CFR Part 2 addendum restricts substance use disorder record re-disclosure and enforces patient consent logging. CARF accreditation requirements map to audit log retention policies automatically.
Relevant agents
- Compliance Evidence Collector — HIPAA + 42 CFR Part 2 + CARF evidence packs
- Helpdesk Tier-1 Triage — PHI blocked, SUD-record re-disclosure consent gate
- Audit-Trail Narrator — single-consent verification for 42 CFR Part 2 disclosures
Legal
PII and confidential client data detected in agent output is flagged and quarantined for attorney review rather than blocked outright. Attorneys retain control over what is retained, shared, or deleted. Attorney-client privilege considerations are surfaced as part of the review workflow.
Relevant agents
- Compliance Evidence Collector — SOC 2 evidence packs with attorney review workflow
- Helpdesk Tier-1 Triage — matter-routing with privilege flag
- Audit-Trail Narrator — plain-English access and disclosure narratives
Financial Services
Financial data, account numbers, and PII detected in agent output are flagged with configurable thresholds. GLBA safeguard requirements map to audit log retention and access controls. FERPA applies to education-sector financial aid processing. Compliance officers receive a daily digest of flagged interactions.
Relevant agents
- Compliance Evidence Collector — GLBA safeguards evidence packs
- Helpdesk Tier-1 Triage — auto-redact mode for financial PII on Enterprise tier
- Audit-Trail Narrator — regulator-ready access narratives with configurable redaction
Three agents. Every regulated industry.
The MVP catalog covers the three universal compliance pain points: audit preparation, help desk triage, and accounting of disclosures. Every agent ships with DLP scanning, tamper-evident audit logging, and BAA coverage from Day 1.
Agent 01 — MVP
Compliance Evidence Collector
Generates auditor-grade quarterly evidence packs covering MFA enforcement, account dormancy, encryption status, key rotation age, pull-request approval rates, and incident response SLA adherence. Output: Markdown + XLSX + SHA-256 manifest.
Agent 02 — MVP
Helpdesk Tier-1 Triage
Ingests tickets from Zendesk, Freshdesk, or Jira Service Management. Classifies, drafts responses grounded in your KB, and auto-replies or escalates to human agents. PHI-safe routing with CCPA pre-use notice and opt-out built in. Human approval required before delivery.
Agent 03 — MVP
Audit-Trail Narrator
Ingests heterogeneous audit logs from M365, Google Workspace, GCP Cloud Audit, and Splunk or Sentinel. Produces plain-English narratives for HIPAA accounting of disclosures, 42 CFR Part 2 single-consent verification, and CISO investigation summaries.
One shop. Not one more vendor.
thoughtful.ai is purpose-built for healthcare revenue cycle management. AiT Hosted Agents is built for CISOs who are also the HIPAA Security Officer, the IT Director, and the compliance lead at a multi-framework, multi-site shop.
Your data never leaves your tenant
Every agent call flows through a four-stage pipeline hosted in your dedicated GCP environment. PHI is classified and blocked before any LLM call. The audit record is written before the response is returned.
Dedicated infra, your encryption keys
PHI blocked before LLM call
Tamper-evident, no raw PHI stored
Auditor-ready, SHA-256 verifiable
Three tiers. No hidden compliance fees.
Every tier includes DLP scanning, HIPAA-compliant audit logging, tenant isolation, and a signed BAA. The difference is agent throughput, vertical pack access, and support level.
Tier 1
Starter
Per-seat base. One vertical.
Annual commitment — volume discounts available
- All 3 MVP agents
- One vertical (Healthcare, BH, Legal, or Finance)
- Vertical-aware DLP scanning
- HIPAA-compliant audit log (SHA-256 hashes)
- Automated BAA wizard
- Multi-tenant isolation
- Up to 10,000 agent actions / mo
- Standard SLA (24-hour response)
Tier 2
Professional
Per-seat base + metered overage.
Overage capped at $500 / mo — no runaway bills
- Everything in Starter, plus:
- Multi-vertical access (all four)
- 42 CFR Part 2 addendum (Behavioral Health tenants)
- Custom DLP threshold configuration
- NDJSON + CSV audit export (subpoena-ready)
- Daily compliance digest to designated officer
- Unlimited agent actions (within overage cap)
- Enhanced SLA (8-hour response, 99.5% uptime)
Tier 3
Enterprise
Per-seat base + vertical packs.
Vertical packs from $500 / mo — custom quotes for multi-site
- Everything in Professional, plus:
- Dedicated GCP subproject per customer
- Customer-controlled KMS encryption keys
- SIEM export to Splunk, Sentinel, or GCS
- Vertical pack add-ons (full 12-agent catalog)
- Dedicated compliance officer liaison
- Quarterly compliance review + controls documentation
- Priority SLA (4-hour response, 99.9% uptime guarantee)
90-day flat-fee pilot available for the first regulated-industry customer. Includes all three MVP agents, full onboarding, and dedicated compliance support. Pilot pricing: $24,000 / mo. Contact us to discuss fit.
Book a 90-min Working Session
We walk through the Compliance Evidence Collector using your actual framework requirements. You leave with a clear picture of what Day 1 looks like for your organization — evidence pack in hand.
Intelligent Group — sales@intelligentit.io — 212-730-1844