How Epheia Works
A simple overview of privacy receipts for AI.
Imagine walking into a secure briefing room with confidential documents. No photocopier, no USB ports, no way to copy anything. A compliance officer monitors the session, signs a timestamped log at every step, and nothing leaves the room until disposal is confirmed.
That's what Epheia does for AI. When sensitive data enters an AI session, Epheia creates a sealed computing environment where the data can be used but never stored permanently. A continuous chain of cryptographic checks proves the rules were followed within a defined trust boundary, and the AI's response is blocked until every check passes. You don't have to trust anyone's word. You get a signed receipt you can verify yourself.
The Promise Problem
Today, when a hospital uses AI to help with patient records, the AI provider promises not to keep the data. That's a contractual commitment, the equivalent of a sign on a door that says "No documents will leave this room," but with no one watching to make sure.
There's no compliance officer. No session log. No way for the hospital to independently verify that patient data wasn't logged, cached, copied, or stored somewhere it shouldn't be.
This is the gap between a promise and a proof. Every major AI provider (OpenAI, Anthropic, Google, AWS) offers non-retention promises. Epheia provides non-persistence proofs: cryptographic evidence that your data was never durably stored, verified by an independent protocol.
Today: Non-Retention
A policy document. A contractual promise. You trust the provider.
With Epheia: Non-Persistence
A cryptographic proof. A signed receipt. You verify it yourself.
From Briefing Room to Clinic
How the receipt gets made.
The Sealed Room
The Parallel
Your confidential documents enter a secure briefing room: a controlled workspace with no photocopier, no USB ports, no writable media. Nothing can be copied or removed. Everything stays in the room and is cleared when the session ends.
The Reality
Sensitive data enters a sealed computing environment that exists only in temporary memory. Hardware-enforced write blocking prevents any data from reaching permanent storage. No disk, no logs, no swap files.
The Compliance Officer
The Parallel
A compliance officer is present for the entire session, continuously logging: "All documents accounted for. No copies made. Room integrity confirmed." Each entry is signed and timestamped, creating an unbroken record.
The Reality
A cryptographic attestation module continuously signs proof that the data-handling rules are being followed, creating an unbroken chain of evidence anchored to the hardware itself.
The Locked Door
The Parallel
The briefing room door is locked from the inside. Your summary notes, the useful output of the session, can't leave until the compliance officer reviews the complete session log and signs off. If anything is flagged, the door stays locked and nothing leaves the room.
The Reality
The AI's response is blocked by default. A component called the Egress Gate will not release the output unless every check in the verification chain passes. If anything fails, the output is withheld. This is what we mean by "fail-closed."
Your Receipt
The Parallel
When the session ends, the room is swept clean. All documents are securely disposed of, surfaces cleared, and the disposal is logged. You walk out with a signed compliance report that records everything: the room was secure, the monitoring was continuous, the documents were disposed of, and the output was released only after every check passed. Any auditor can independently verify this report.
The Reality
Each session produces a signed privacy receipt: a machine-checkable artifact containing the attestation chain, policy configuration, proof-of-zero (confirming memory was erased), and the verification result. Any auditor can independently check this receipt.
What happens when AI learning is enabled?
Optional. Applies only when AI learning is turned on.
The Parallel
If the organization wants to improve its AI from these sessions, only anonymized statistical summaries can leave the room. For example, "briefings this quarter trended toward topic X." The actual documents, who brought them, and what was discussed never leave. An independent review board checks the anonymization before accepting any summary.
The Reality
When AI learning is enabled, only mathematically anonymized numerical updates can exit the sealed environment. Raw data and unprocessed model updates are destroyed. An independent verifier checks the anonymization parameters before accepting any update.
What This Means For You
Epheia is preparing for launch. Here's what verifiable AI privacy means for the people who need it most.
For Healthcare Leaders
Your clinicians want to use AI. Your compliance team needs proof it's safe. Epheia replaces annual audit reports with per-session, independently verifiable receipts, so you can adopt AI tools without waiting for the next review cycle.
For Compliance & Legal
When auditors ask how you know data wasn't retained, you don't hand them a policy document and hope they trust it. You hand them a cryptographic proof they can verify themselves, session by session, on demand.
For Investors & Partners
Every AI provider promises non-retention. None can prove non-persistence. Epheia closes that gap, backed by a patent-pending portfolio covering the core protocol and an open specification.
Ready to Prove Privacy?
Epheia is preparing for launch. Read the specification or get early access.