Skip to content
English
  • There are no suggestions because the search field is empty.

What regulatory frameworks govern the use of personal data for AI training, and how does TeraDact help?

Multiple frameworks place restrictions on using personal data to train AI systems

Multiple frameworks place restrictions on using personal data to train AI systems:

  • GDPR / UK GDPR: Requires a lawful basis for processing; using personal data for AI training typically requires explicit consent or legitimate interest — desensitized data avoids this requirement
  • HIPAA: Protected Health Information (PHI) cannot be used in AI training without patient authorization or de-identification under the Safe Harbor or Expert Determination standard — TeraDact supports both
  • CCPA / CPRA: California residents have the right to opt out of use of their data for certain automated decision-making — desensitizing data removes the personal data nexus
  • EU AI Act: Requires documentation of training data sources and governance — TeraDact's audit trail and processing logs support this compliance documentation requirement