Active pilot — May 2026
Aalborg, Denmark

CliniciansuseChatGPTanyway.
Nowit'slegal.

CareProxy is the AI gateway that ensures patient data never leaves the hospital — without blocking innovation.

See how it works ↓

Designed to support compliance with

GDPR EU AI Act NIS2 ISO 27001

Pilot partners · Danish enterprise

Treat Systems
Judex
Region Nordjylland
Regulatory deadline

EU AI Act takes effect

2 August 2026 · Regulation (EU) 2024/1689

76
d
09
h
35
m
27
s

until
EU AI Act Art. 6 takes effect for high-risk AI systems.

What does the EU AI Act require?

From 2 August 2026, documenting and controlling high-risk AI systems in healthcare is a legal obligation — including any AI that handles patient data.

  • Risk classification of all AI systems processing patient data
  • Legal-grade audit log per AI request — available to the regulator on demand
  • Technical documentation and ongoing monitoring of AI outputs
  • Fail-safe mechanisms: AI must be interruptible at any time
57%
Shadow AI in healthcare
Wolters Kluwer Health, 2025
DKK 65M
Avg. cost of a data breach
IBM Cost of Data Breach, 2024

How it works

One second. Automatic. Invisible to the clinician.

CareProxy analyses every request before it leaves the network. If it contains patient data, it's routed to your local model. If it's clean, it goes to the world's best cloud AI.

  • Patient data never leaves the hospital
  • Under one second per request
  • No change to the clinician's workflow
See the architecture
careproxy · live routing
Clinicians
CareProxy Triage
Cloud AI 58.1% clean request
Local AI 41.9% patient data

62 requests · <1 sec · Treat Systems pilot, May 2026

For the CISO

Compliance you can prove — in real time.

Track every AI request live. See what was blocked, what went to cloud, and prove it all with one click when the regulator calls.

  • Live overview of all AI traffic
  • 100% of calls logged and auditable
  • One-click forensic export for regulators
Explore the dashboard
CISO Dashboard · Live

Requests today

14,205

Blocked locally

13%

To cloud

87%

● Low-risk → Cloud AI ● High-risk → Local AI
chain_integrity: OK · 14,205 entries verified

Proof of evidence

Cryptographic proof — ready for the regulator.

Every decision is hash-chained and signed. The log can't be altered without breaking the chain. When the regulator comes, you have indisputable evidence — not a CSV file.

  • Hash-chained, Ed25519-signed audit log
  • Verifiable without contacting CareProxy
  • Covers GDPR Art. 32, ISO 27001, NIS2
See compliance coverage
audit-log · hash-chained
Decision
Payload hash (SHA-256)
Integrity
DLP_BLOCK
sha256:9c1f…a042
OK
ROUTE_CLEAN
sha256:b73a…8e11
OK
INJECTION_BLOCK
sha256:4f2d…c7a9
OK
SHIELD_BLOCK
sha256:e08a…1f6b
OK
ROUTE_CLEAN
sha256:a142…9d3e
OK

Ed25519-signed · immutable · one-click forensic export

Why CareProxy

The only one that does all four.

Healthcare detection
EU sovereignty
Compliance audit
No local AI required
Hyperscaler cloud AI Microsoft, Google
Enterprise AI security e.g. CrowdStrike, Trend Micro
Local open-source AI self-hosted LLM
CareProxy

Healthcare detection: Danish CPR (mod-11), clinical lexicon, contextual re-identification. EU sovereignty: patient data never leaves the hospital's own network (not merely 'EU data residency' in a vendor cloud). Compliance audit: cryptographic hash-chained GDPR/EU AI Act evidence. No local AI required: Shield runs without your own GPU or model operation.

Ready to take control of your AI infrastructure?

CareProxy is under active development. Join the waitlist to be notified as soon as pilot installations open.

See zero-trust routing — live

Or reach out directly kontakt@careproxy.dk

Join the waitlist

Be among the first hospitals to get access to CareProxy's zero-trust AI routing. We'll reach out as soon as pilot installations open.