Skip to main content

AI - Data Privacy & Complaince

Understanding how Labguru Assistant protects your research data

Ilya letnik avatar
Written by Ilya letnik
Updated over a week ago

Infrastructure & Compliance

Labguru Assistant operates on AWS infrastructure, ensuring enterprise-grade security and regional compliance:

  • Regional deployment: Your data is processed in your designated AWS region

  • Compliance standards: Meets regional data protection requirements (GDPR)

  • Secure transmission: All communications are encrypted in transit

Your Data Protection

βœ… What We Guarantee

  • No model training on your data: Your queries and data are never used to train or improve AI models

  • No data retention by AI: Models process your requests in real-time without storing any information

  • Session isolation: Each interaction is independent - the AI doesn't remember previous conversations

  • Data stays in Labguru: Your research data never leaves the Labguru environment

πŸ”’ How It Works

  1. You submit a query to the Assistant

  2. Your request is securely routed through AWS

  3. The AI model processes the request without saving any data

  4. The response is delivered back to you

  5. Only the interaction is logged in Labguru's database

AI Models by Region

Depending on your region, the Assistant may use different AI models:

  • Claude (Anthropic)

  • Mistral

  • Other approved models based on regional availability

All models operate under the same strict privacy standards regardless of provider.

Audit Trail

πŸ“ What Is Recorded

For security and compliance, Labguru maintains an audit trail that captures:

  • Timestamp of each interaction

  • User ID making the request

🚫 What Is NOT Recorded

  • Personal identifiers within queries are not extracted

  • No separate storage of scientific data mentioned in queries

  • No sharing with third parties

  • No cross-account data access

Note that the full query and answer is recorded in the Labguru db.

Access Controls

  • Role-based security: Respects all Labguru view permission settings

Best Practices for Sensitive Data

While the system is secure, consider these guidelines:

⚠️ Avoid including:

  • Passwords or access credentials

  • Patient names or personal health information (unless HIPAA-compliant region)

  • Proprietary formulas with exact concentrations (use placeholders)

  • Unpublished genetic sequences of commercial value

βœ… Safe to include:

  • Sample IDs and experiment numbers

  • General protocol questions

  • Standard calculations

  • Published sequences or methods

Compliance & Certifications

The Labguru Assistant infrastructure which is based on Labguru's maintains:

  • SOC 2 compliance

  • ISO 27001 certification

  • FDA 21#11

Data Deletion

  • Audit logs are retained as long as the Labguru account is active

  • Audit Logs can be exported for compliance needs

Did this answer your question?