Skip to main content
The Compliance endpoint checks whether AI-generated content and its surrounding context satisfy the requirements of major regulatory frameworks. It returns a pass/fail verdict per framework, flagged clauses, and remediation guidance. Compliance is a separate check from Evaluation: evaluation scores quality across the 8 RAIL dimensions, while compliance assesses content against specific regulations. They are independent calls — use evaluation for everyday quality scoring, and compliance when you need a regulatory verdict.
API endpoint: POST /railscore/v1/compliance/check | Python: client.compliance_check()

Supported frameworks

CodeFrameworkRegion
gdprGeneral Data Protection RegulationEU
ccpaCalifornia Consumer Privacy ActUS (California)
hipaaHealth Insurance Portability and Accountability ActUS
eu_ai_actEU Artificial Intelligence ActEU
india_dpdpIndia Digital Personal Data Protection ActIndia
india_ai_govIndia AI Governance GuidelinesIndia

Basic usage

from rail_score_sdk import RailScoreClient

client = RailScoreClient(api_key="YOUR_RAIL_API_KEY")

result = client.compliance_check(
    content="Your AI system collects user behavior data to personalize responses.",
    frameworks=["gdpr", "eu_ai_act"],
    context="B2C SaaS chatbot processing EU user data",
)

for framework, check in result.frameworks.items():
    print(f"{framework}: {'PASS' if check.compliant else 'FAIL'}")
    for issue in check.issues:
        print(f"  - {issue.description}")
        print(f"    Remedy: {issue.remediation}")

India DPDP: dedicated API

POST /compliance/check gives you a point-in-time verdict for any framework, including India DPDP. India DPDP additionally has a suite of 7 dedicated endpoints for teams that need stateful, lifecycle compliance rather than a single check — use these when you must track consent, deadlines, and audit evidence across a user journey:
  • Scan content for Indian PII (Aadhaar, PAN, mobile, UPI, passport, and 5 more types), child signals, and purpose drift
  • Evaluate actions against DPDP rules with allow/block/require_action verdicts
  • Emit compliance events (consent, DSR, breach, retention) with automatic timer creation
  • Require proactive guidance for what the application must do at each workflow step
  • Evidence generation for audit-grade packets (DSR responses, breach notifications, annual reports)
  • Session management for stateful tracking across a user journey
  • Timers for monitoring DSR SLAs, breach notification deadlines, and retention windows

India DPDP API Reference

Full endpoint reference with request/response examples.

What’s next

Compliance API Overview

All compliance frameworks and dedicated endpoints.

API Reference: Compliance Check

General compliance check parameter reference.

Python SDK: Compliance

Python SDK examples.

DPDP: Content Scan

Indian PII detection and masking.