Policy templates

Pre-built policies
for the regimes that matter.

Each template is drafted by compliance professionals with direct regulatory experience. Apply unchanged, or use as a starting point. All customisable in the policy editor.

Templates

Seven templates, ready to apply.

Each includes pre-configured source apps, destination apps, content rules, and audit exports. Coverage keeps pace with regulatory updates.

HIPAA

HIPAA Workforce

For US healthcare providers handling PHI across browser-based EHR, email, and clinical tools.

  • PHI identifiers blocked from personal destinations
  • Clipboard events logged with user + timestamp
  • Auto-redaction for approved destinations
  • Exports audit-ready for OCR investigations
Applies to 22 apps
PCI-DSS

PCI Merchant

For teams that touch cardholder data, merchant portals, or payment-gateway admin consoles.

  • PAN and CVV patterns blocked before copy completes
  • Segmented logging for CDE
  • Tokenisation-aware redaction rules
  • PCI-DSS 4.0 evidence exports
Applies to 14 apps
ENG

Source Code Protection

For engineering teams worried about proprietary source, secrets, or internal APIs leaking.

  • API keys, AWS credentials, JWTs blocked at paste
  • Source-code fingerprinting against your repos
  • Approved routes to internal-only AI tools
  • Git-diff audit view
Applies to 18 apps
GDPR

Client Records

For professional-services firms and agencies handling client-identifying information.

  • Named-entity recognition for client identifiers
  • Matter-scoped policies for legal / accounting
  • SAR export support
  • Retention aligned to DPA and LPPA
Applies to 26 apps
DSPT

UK NHS Workforce

For NHS trusts and connected providers. Aligned to the Data Security and Protection Toolkit.

  • NHS number and Spine identifiers blocked
  • Smartcard session-aware rules
  • Compatibility with NHSmail
  • DSPT evidence export format
Applies to 19 apps
FCA

Financial Services

For FCA-regulated firms handling MNPI, MiFID II records, or client money.

  • MNPI paste blocked from research systems
  • MiFID II record-keeping integration
  • Chinese-wall directory-group scoping
  • FCA SYSC evidence exports
Applies to 23 apps
SRA

Legal Matter

For SRA-regulated law firms managing matter-scoped confidentiality obligations.

  • Matter-number recognition and scoping
  • Privilege-aware redaction
  • Conflicts-check integration
  • LPPA-aligned retention
Applies to 17 apps

Can't see the regime you need?

We draft custom templates for specific regulatory regimes when customers ask. Common requests become shipped templates within 4–6 weeks.

Request a template Book a demo

PS If your regime is on the roadmap, we'll tell you. If it isn't, we'll usually add it.