United States

Runtime authority for US sovereign AI.

When HHS-OCR audits a HIPAA Privacy or Security incident, when FDA wants the SaMD post-market evidence, when NYDFS Part 500 requires the cyber-controls trail, when OCC Heightened Standards demands model-risk-management proof — KYE Protocol answers from a record sealed at the moment of action. Replayable from the publishing tenant's JWKS alone. No vendor dependency in the audit path.

rocket_launch Apply for US pilot fact_check Coverage maps
US frameworks mapped to KYE

Per-requirement bijection — healthcare, financial services, cybersecurity.

HIPAA Security & Privacy Rules

45 CFR Part 160, 164 (Subparts A, C, E). Signed Evidence Packs per record-access give HHS-OCR the contemporaneous trail the Audit Protocol requires. Minimum Necessary attestation + BAA-ready evidence pack shape.

HITECH & HITRUST CSF

HITECH Breach Notification Rule + HITRUST Common Security Framework. Audit-chain immutability + per-decision evidence ready for HITRUST controls 01.b, 09.aa, 10.ab and the HITECH 60-day breach window.

FDA SaMD · 21 CFR Part 11 · PCCP

Software as a Medical Device + electronic-records integrity + Predetermined Change Control Plan (FDA-CDRH 2024). KYE™ binds the runtime decision to the PCCP declaration; signed Evidence Pack™ per inference is the post-market record FDA reviewers expect.

OCC · NYDFS Part 500 · SEC Reg SCI

OCC Heightened Standards (model-risk-management) + NYDFS Part 500 (cyber + AI 2024 amendments) + SEC Regulation Systems Compliance & Integrity. Banking-grade audit chain maps directly; signed Replay Proofs verify offline from public keys alone.

NIST CSF map →

NIST AI RMF 1.0 · NIST 800-207

Govern · Map · Measure · Manage + Zero-Trust Architecture. The Measure + Manage functions map directly to KYE runtime-evidence + revocation primitives.

Coverage detail →

FedRAMP · CISA · State AI laws

FedRAMP (federal-cloud authorisations) · CISA Secure-by-Design AI guidance · state AI laws (Colorado SB 205, Illinois Generative AI Act). KYE records keep the federal-and-state audit trail contemporaneous and replayable across jurisdictional boundaries.

US-sovereign deployment

US data, US keys, US control.

  • Data residency — deploy to US-region edge runtime resources; FedRAMP-ready architecture for federal procurements; per-tenant configurable.
  • Customer KMS / HSM — signing keys live in the customer's HSM or AWS GovCloud KMS; KYE never has access to the private key material.
  • Open verifier — HHS-OCR, FDA, OCC, NYDFS, SEC, FINRA, FTC and CISA can each replay an Evidence Pack using only the publisher's JWKS — no vendor dependency in the audit path.
  • BAA-compatible — evidence-pack shape designed for HIPAA Business Associate Agreement evidence handling.
  • Apache 2.0 schemas + vocabulary — the proof formats are open. Patent-track runtime construction is paid; the contracts the customer relies on are not.
US pilots · 6 weeks each

Two distinct buyer journeys.

US SaMD vendors and US healthcare providers procure differently. Two pilot SKUs reflect that.

medical_servicesKYE FDA SaMD Readiness Pilot™For US SaMD vendors. FDA SaMD · 21 CFR Part 11 · IEC 62304 · ISO 14971 · PCCP. Q-Sub / 510(k)-ready summary. £125k–£225k. local_hospitalKYE HIPAA Readiness Pilot™For US hospitals · IDNs · payors. HIPAA Security + Privacy · HITECH · HITRUST · Joint Commission · OCR Audit Protocol. BAA-ready evidence pack. £110k–£195k. account_balanceKYE OCC NYDFS Readiness Pilot™For US-regulated financial institutions. OCC Heightened Standards · NYDFS Part 500 · SEC Reg SCI · FFIEC. £135k–£225k.
{BLOCK} {BLOCK}

Independent — no government affiliation. KYE Protocol™ is an independent protocol and is not affiliated with, endorsed by, or part of any government, regulator, or official “Sovereign AI” programme. References to regulators and frameworks describe the requirements KYE™ helps you evidence — not any official relationship.