Compliance & Certification

Overview

Compliance and governance are integral parts of the BDA Genesis architecture. The framework is designed to align with regulatory expectations, internal control requirements, and court-grade documentation standards.

This page explains how BDA Genesis approaches the EU AI Act, data protection, and auditability without making premature certification claims.

EU AI Act alignment (design principles)

BDA Genesis is designed with the principles of the EU AI Act in mind.

Key elements:

  • deterministic policy layer and transparent rule sets
  • documented reasoning chains
  • traceability and human oversight
  • clear separation between data, rules, and outcomes

Note: Concrete classification and certification remain subject to future regulatory assessments and formal procedures.

Data protection (DSGVO)

Data protection is treated as a first-class requirement.

  • operates on case data provided by insurers or authorised partners
  • does not rely on uncontrolled external data sources
  • data flows follow insurer policies (retention, access controls)
  • pseudonymisation/anonymisation concepts can be applied where needed

Governance model

Governance covers rule management, versioning, change control, and documentation.

  • every relevant rule set, module version, and configuration is traceable
  • changes follow a documented workflow (rationale, affected modules, outcome impacts)

Audit trail

For each case, BDA Genesis can reconstruct:

  • which input data were used
  • which rules were triggered
  • how the final diagnostic conclusion was reached

Hash-secured logs and time stamps protect against unauthorised changes.

Certification roadmap

Certification is approached as a structured roadmap rather than a one-off step.

Documentation packages can support external assessments (technical descriptions, governance policies, sample audit trails).

Depending on insurer strategy, these materials can form the basis for future conformity assessments, data protection certifications, or sector-specific quality labels.

Boundary

BDA Genesis does not automate coverage, liability or claims decisions.

System role: BDA Genesis supports structured, review-ready documentation and makes assumptions and reasoning paths explicit. It does not generate automated evaluations, recommendations, prioritizations or decisions; responsibility remains with the user.