Active pilot — May 2026
Aalborg, Denmark

Healthcare AI

Usetheworld'sbestAI
withoutpatientdataleavingthebuilding.

CareProxy is the security layer between your staff and the AI. It catches CPR numbers, patient names and medical records and keeps them on your own network — so you're compliant from day one, without waiting for legislation.

Designed to support compliance with

GDPR EU AI Act NIS2 ISO 27001

Pilot partners · Danish enterprise

Treat Systems Judex Region Nordjylland

What is CareProxy?

A security layer that lets healthcare staff use AI — without patient data ever leaving the hospital.

No new workflow for the clinician. No patient data in the cloud. CareProxy sits invisibly in the network and looks after it all.

Become compliant now

Meet GDPR, the EU AI Act and NIS2 today — instead of banning AI and waiting for legislation.

Keep the best AI

Your staff keep using ChatGPT and other top models. CareProxy simply sanitises the request first.

Prove it to the regulator

Every single AI request is logged with cryptographic proof. Export the documentation with one click.

Regulatory deadline

EU AI Act takes effect

2 August 2026 · Regulation (EU) 2024/1689

26 d
13 h
17 m
26 s

until EU AI Act Art. 6 takes effect for high-risk AI systems.

What does the EU AI Act require?

From 2 August 2026, documenting and controlling high-risk AI systems in healthcare is a legal obligation — including any AI that handles patient data.

  • 01 Risk classification of all AI systems processing patient data
  • 02 Legal-grade audit log per AI request — available to the regulator on demand
  • 03 Technical documentation and ongoing monitoring of AI outputs
  • 04 Fail-safe mechanisms: AI must be interruptible at any time
57%
Shadow AI in healthcare
Wolters Kluwer Health, 2025
DKK 65M
Avg. cost of a data breach
IBM Cost of Data Breach, 2024

How it works

Follow one request through CareProxy.

From sensitive prompt to safe answer — in milliseconds.

How it works

Follow one request through CareProxy.

From sensitive prompt to safe answer — in milliseconds.

  1. 01
    Prompt & redactionA clinician's prompt is written with personal data; CareProxy masks the CPR and name in under 1 ms.
  2. 02
    Safe routingClean requests go to Cloud AI; confidential data routes to Local AI and never leaves the building.
  3. 03
    Agent stoppedAn AI agent tries to exfiltrate records — CareProxy blocks it instantly.
  4. 04
    Everything loggedEvery AI action is written to a hash-chained, court-ready audit log in real time.

For the CISO

Compliance you can prove — in real time.

Track every AI request live. See what was blocked, what went to cloud, and prove it all with one click when the regulator calls.

  • Live overview of all AI traffic
  • 100% of calls logged and auditable
  • One-click forensic export for regulators
CISO Dashboard Live

Requests today

14,205

Blocked locally

13%

To cloud

87%

● Low-risk → Cloud AI ● High-risk → Local AI
chain_integrity: OK · 14,205 entries verified
audit-log · hash-chained
Decision
Payload hash (SHA-256)
Integrity
DLP_BLOCK
sha256:9c1f…a042
OK
ROUTE_CLEAN
sha256:b73a…8e11
OK
INJECTION_BLOCK
sha256:4f2d…c7a9
OK
SHIELD_BLOCK
sha256:e08a…1f6b
OK
ROUTE_CLEAN
sha256:a142…9d3e
OK

Ed25519-signed · immutable · one-click forensic export

Proof of evidence

Cryptographic proof — ready for the regulator.

Every decision is hash-chained and signed. The log can't be altered without breaking the chain. When the regulator comes, you have indisputable evidence — not a CSV file.

  • Hash-chained, Ed25519-signed audit log
  • Verifiable without contacting CareProxy
  • Covers GDPR Art. 32, ISO 27001, NIS2

Try it yourself

Type a request. Watch the decision.

The same zero-trust layer running in pilot — live in your browser. Type or pick a prompt and watch CareProxy classify and route it in under a millisecond. Nothing leaves your browser.

Try it yourself

Detected signals

  • PIIICD-10 diagnosis code
Triage
0.9 ms
Local AI

Patient data → your on-premise model. Never leaves the building.

Why CareProxy

The only one that does all four.

Healthcare detection
EU sovereignty
Compliance audit
No local AI required
Hyperscaler cloud AI Microsoft, Google
Enterprise AI security e.g. CrowdStrike, Trend Micro
Local open-source AI self-hosted LLM
CareProxy

Healthcare detection: Danish CPR (mod-11), clinical lexicon, contextual re-identification. EU sovereignty: patient data never leaves the hospital's own network (not merely 'EU data residency' in a vendor cloud). Compliance audit: cryptographic hash-chained GDPR/EU AI Act evidence. No local AI required: Shield runs without your own GPU or model operation.

Ready to take control of your AI infrastructure?

CareProxy is under active development. Join the waitlist to be notified as soon as pilot installations open.

Or reach out directly kontakt@careproxy.dk

Join the waitlist

Be among the first hospitals to get access to CareProxy's zero-trust AI routing. We'll reach out as soon as pilot installations open.