Compliance API
Assess AI-generated content for regulatory compliance across 7 global frameworks including GDPR, HIPAA, EU AI Act, and more.
Enterprise Feature
Compliance endpoints are available exclusively for Enterprise customers. Contact sales to enable compliance features for your organization.
7 Regulatory Frameworks Available
Evaluate compliance for GDPR, EU AI Act, HIPAA, CCPA, India DPDP, SOC2, and NIST AI RMF. Each framework uses specific dimension weights based on regulatory priorities.
POST Compliance Assessment
Full regulatory compliance assessment for a specific framework. Returns the compliance score, status, risk level, and a detailed dimension breakdown.
/railscore/v1/compliance/assess
Request Headers
| Header | Value | Required |
|---|---|---|
| Authorization | Bearer your-rail-api-key | Yes |
| Content-Type | application/json | Yes |
Request Body
| Parameter | Type | Description |
|---|---|---|
| content | string | AI-generated content to assess (min 10 characters) |
| framework | string | Framework ID: gdpr, eu_ai_act, india_dpdp, hipaa, ccpa, soc2, or nist |
Example Request
curl -X POST https://api.responsibleailabs.ai/railscore/v1/compliance/assess \
  -H "Authorization: Bearer your-rail-api-key" \
  -H "Content-Type: application/json" \
  -d '{
    "content": "Our AI chatbot collects user emails and IP addresses for analytics",
    "framework": "gdpr"
  }'
Response (200 OK)
{
  "framework": "gdpr",
  "framework_name": "General Data Protection Regulation",
  "jurisdiction": "EU",
  "compliance_score": 6.45,
  "compliance_confidence": 0.82,
  "status": "partially_compliant",
  "risk_level": "medium",
  "dimension_scores": {
    "privacy": {
      "score": 7.0,
      "confidence": 0.85,
      "weight": 0.30
    },
    "transparency": {
      "score": 5.5,
      "confidence": 0.80,
      "weight": 0.20
    },
    // ... all 8 dimensions
  },
  "concerns": [
    {
      "dimension": "transparency",
      "score": 5.5,
      "weight": 0.20,
      "severity": "moderate"
    }
  ],
  "processing_time_ms": 12450.3
}
Status Values
| Status | Score | Meaning |
|---|---|---|
| compliant | ≥ 8.0 | Low risk, meets requirements |
| partially_compliant | 6.0-7.9 | Medium risk, needs improvement |
| non_compliant | < 6.0 | High risk, fails requirements |
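One way to consume the assessment response in a release pipeline, shown as an added example that is not the vendor's code: a fail-closed gate that blocks on an error body, missing fields, a status that disagrees with the documented score bands, or low confidence. The `gate` function, the `min_confidence` threshold and the 0-10 score range are assumptions of this example; field names and status bands are taken from the page.

```python
# Added example: fail-closed gate over a /compliance/assess response body.
# gate(), min_confidence and the 0-10 score range are assumptions of this example.
REQUIRED = ("framework", "compliance_score", "compliance_confidence",
            "status", "risk_level")

def expected_status(score):
    """Map a score to the documented bands (7.9-8.0 is treated as partial)."""
    if score >= 8.0:
        return "compliant"
    if score >= 6.0:
        return "partially_compliant"
    return "non_compliant"

def gate(body, framework, min_confidence=0.7):
    """Return (allow, reasons); any unexpected input blocks the release."""
    if not isinstance(body, dict):
        return False, ["malformed response body"]
    if "error" in body:  # 400 / 403 / 429 bodies carry an "error" key
        return False, [f"API error: {body['error']}"]
    missing = [k for k in REQUIRED if k not in body]
    if missing:
        return False, ["missing fields: " + ", ".join(missing)]
    score, conf = body["compliance_score"], body["compliance_confidence"]
    for value in (score, conf):
        if isinstance(value, bool) or not isinstance(value, (int, float)):
            return False, ["non-numeric score or confidence"]
    if not 0 <= score <= 10:
        return False, ["score outside 0-10"]
    reasons = []
    if body["framework"] != framework:
        reasons.append(f"assessed {body['framework']!r}, expected {framework!r}")
    if body["status"] != expected_status(score):
        reasons.append("status does not match the score band")
    if body["status"] != "compliant":
        reasons.append(f"status is {body['status']}")
    if not conf >= min_confidence:  # also catches NaN
        reasons.append(f"confidence {conf} below {min_confidence}")
    for concern in body.get("concerns", []):
        reasons.append(
            f"concern: {concern.get('dimension')} ({concern.get('severity')})")
    return not reasons, reasons

# Constructed sample: the fields of the page's GDPR response that the gate reads.
SAMPLE = {"framework": "gdpr", "compliance_score": 6.45,
          "compliance_confidence": 0.82, "status": "partially_compliant",
          "risk_level": "medium",
          "concerns": [{"dimension": "transparency", "severity": "moderate"}]}
```

Calling `gate(SAMPLE, "gdpr")` blocks the release and lists the partial status and the transparency concern as reasons.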
POST Quick Privacy Check
Fast PII (Personally Identifiable Information) detection optimized for GDPR, CCPA, and DPDP privacy requirements. Synchronous response, no queue.
/railscore/v1/compliance/quick-check
Example Request
curl -X POST https://api.responsibleailabs.ai/railscore/v1/compliance/quick-check \
  -H "Authorization: Bearer your-rail-api-key" \
  -H "Content-Type: application/json" \
  -d '{
    "content": "Contact support at john.doe@example.com or call 555-123-4567"
  }'
Response (200 OK)
{
  "privacy_score": 7.0,
  "risk_level": "medium",
  "pii_entities_count": 2,
  "entities_found": [
    {
      "type": "EMAIL_ADDRESS",
      "score": 0.95,
      "start": 17,
      "end": 38
    },
    {
      "type": "PHONE_NUMBER",
      "score": 0.85,
      "start": 47,
      "end": 59
    }
  ],
  "compliant": false
}
Detected PII Types
EMAIL_ADDRESS, PHONE_NUMBER, CREDIT_CARD, SSN, PERSON, LOCATION, IP_ADDRESS, MEDICAL_LICENSE, DATE_TIME
GET List Frameworks
Get the list of all available compliance frameworks with their dimension weights and jurisdictions.
/railscore/v1/compliance/frameworks
Example Request
curl https://api.responsibleailabs.ai/railscore/v1/compliance/frameworks \
  -H "Authorization: Bearer your-rail-api-key"
Available Frameworks
| Framework | Jurisdiction | Top Priorities | Best For |
|---|---|---|---|
| GDPR (General Data Protection Regulation) | EU | Privacy (30%), Transparency (20%), Accountability (15%) | EU data processing and storage |
| EU AI Act (EU Artificial Intelligence Act) | EU | Safety (25%), Transparency (20%), Reliability (15%) | High-risk AI systems in EU |
| India DPDP (Digital Personal Data Protection Act) | India | Privacy (30%), Accountability (20%), Transparency (15%) | India data processing |
| HIPAA (Health Insurance Portability and Accountability Act) | US | Privacy (35%), Safety (20%), Reliability (15%) | US healthcare applications |
| CCPA (California Consumer Privacy Act) | US-CA | Privacy (35%), Transparency (20%), User Impact (15%) | California consumer data |
| SOC 2 (Service Organization Control 2) | Global | Reliability (25%), Safety (20%), Accountability (20%) | Service organizations globally |
| NIST AI RMF (NIST AI Risk Management Framework) | US | Balanced across all dimensions (~15% each) | US AI systems and applications |
Error Responses
400 Bad Request
Invalid framework or content too short
{"error": "Unknown framework: invalid_framework"}
403 Forbidden
Enterprise feature not enabled
{"error": "Compliance endpoints require Enterprise plan"}
429 Rate Limit Exceeded
Too many requests
{"error": "Rate limit exceeded", "retry_after": 60}
Code Examples
Python
import requests

API_KEY = "your-rail-api-key"
API_URL = "https://api.responsibleailabs.ai"

# Full GDPR compliance assessment
response = requests.post(
    f"{API_URL}/railscore/v1/compliance/assess",
    headers={"Authorization": f"Bearer {API_KEY}"},
    json={
        "content": "We collect user data including emails and IP addresses",
        "framework": "gdpr"
    },
    timeout=60,  # the sample assessment response reports about 12 s of processing
)
response.raise_for_status()  # 400/403/429 bodies carry "error", not score fields
result = response.json()
print(f"Compliance Score: {result['compliance_score']}/10")
print(f"Status: {result['status']}")
print(f"Risk Level: {result['risk_level']}")

# Quick PII check
pii_response = requests.post(
    f"{API_URL}/railscore/v1/compliance/quick-check",
    headers={"Authorization": f"Bearer {API_KEY}"},
    json={"content": "Contact: support@company.com"},
    timeout=60,
)
pii_response.raise_for_status()
pii_result = pii_response.json()
print(f"PII Entities Found: {pii_result['pii_entities_count']}")
JavaScript / Node.js
const API_KEY = "your-rail-api-key";
const API_URL = "https://api.responsibleailabs.ai";

// Full compliance assessment
const assessCompliance = async () => {
  const response = await fetch(`${API_URL}/railscore/v1/compliance/assess`, {
    method: "POST",
    headers: {
      "Authorization": `Bearer ${API_KEY}`,
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      content: "Healthcare app processing patient medical records",
      framework: "hipaa"
    })
  });
  // 400, 403 and 429 return an {"error": ...} body without score fields
  if (!response.ok) {
    throw new Error(`Compliance API returned HTTP ${response.status}`);
  }
  const result = await response.json();
  console.log(`HIPAA Score: ${result.compliance_score}/10`);
  console.log(`Status: ${result.status}`);
  return result;
};
assessCompliance();
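The Quick Privacy Check response described above reports each PII entity with `start` and `end` offsets. The following added example (not the vendor's code) uses those offsets to redact content before it is logged or stored, merging overlapping detections and rewriting from right to left. It assumes the offsets are character positions with `end` exclusive; `redact` and `min_score` are hypothetical names, and the sample body is constructed.

```python
# Added example: redact PII spans reported by /compliance/quick-check.
# Assumes "start"/"end" are character offsets with "end" exclusive; redact()
# and min_score are hypothetical names, not part of the API.

def redact(content, entities, min_score=0.5):
    """Replace each reported span with [TYPE], merging overlapping spans."""
    spans = []
    for ent in entities:
        if ent["score"] < min_score:
            continue  # below the caller's confidence threshold
        start, end = ent["start"], ent["end"]
        if not 0 <= start < end <= len(content):
            raise ValueError(f"span {start}-{end} outside content")
        spans.append((start, end, ent["type"]))
    spans.sort()
    merged = []
    for start, end, kind in spans:
        if merged and start < merged[-1][1]:
            p_start, p_end, p_kind = merged[-1]
            # Overlap: cover both spans and keep the label of the longer one.
            if end - start > p_end - p_start:
                p_kind = kind
            merged[-1] = (p_start, max(p_end, end), p_kind)
        else:
            merged.append((start, end, kind))
    # Rewrite right to left so earlier offsets stay valid.
    for start, end, kind in reversed(merged):
        content = content[:start] + f"[{kind}]" + content[end:]
    return content

# Constructed sample (not real API output): text plus a quick-check style body.
SAMPLE_TEXT = "Ticket 4411: reach Ana at ana@example.org from 203.0.113.7"
SAMPLE_BODY = {
    "pii_entities_count": 4,
    "entities_found": [
        {"type": "PERSON", "score": 0.85, "start": 19, "end": 22},
        {"type": "PERSON", "score": 0.60, "start": 26, "end": 29},
        {"type": "EMAIL_ADDRESS", "score": 0.95, "start": 26, "end": 41},
        {"type": "IP_ADDRESS", "score": 0.90, "start": 47, "end": 58},
    ],
}

if __name__ == "__main__":
    print(redact(SAMPLE_TEXT, SAMPLE_BODY["entities_found"]))
```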