Compliance Packs

Compliance packs are managed regulatory rule sets that run in-process on every LLM span — no proxy, no traffic leaving your stack. Turn them on by name and Peekr enforces the rules locally as your agent calls the model.

Enable a pack

Pass an HTTPExporter connected to Peekr Cloud, then list the packs you want under compliance=[...]. That's the whole setup.

agent.py
import peekr

peekr.instrument(
    tenant_id="acme",
    exporter=peekr.HTTPExporter(
        endpoint="https://peekr.starkspherelabs.com",
        api_key="pk_live_…",
    ),
    compliance=["HIPAA", "FDCPA"],
)

Note

Compliance packs require the Cloud HTTPExporter and the Pro plan — the rule sets are managed and updated server-side. Need only local, in-process checks? Use guardrails instead, which work on every plan including the free tier.

How enforcement works

Compliance runs as part of the in-process guardrail pipeline, so the ordering is the same: PIIRedact → Eval → Storage → HallucinationBlock. For each span:

1. Input is checked before the model call

Prohibited input patterns are matched before the request reaches the LLM. A match raises a GuardrailError and the model is never called.

2. Output is checked after the model responds

Prohibited output patterns and required disclosures are matched against the response. The violation is recorded on the span, then a GuardrailError is raised.

3. Catch the error around your LLM call

GuardrailError carries .guardrail_name and .span so you can log the violation and return a safe fallback.

python
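from peekr.guard import GuardrailError

# client, msgs and safe_fallback() are defined by your application.
try:
    resp = client.chat.completions.create(model="gpt-4o", messages=msgs)
except GuardrailError as e:
    # The violation is already recorded on e.span; log it and degrade safely.
    print(f"blocked by {e.guardrail_name}", e.span.span_id)
    resp = safe_fallback()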

Note

The violation is recorded on the span before the error is raised, so you keep a full audit trail even when a call is hard-blocked.
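
The three steps above, modelled end to end as an added example (not Peekr's code): it shows that an input match stops the call before the model runs and that the violation is on the span by the time the error is caught. Span, GuardrailError, the violations field, DEMO_PACK and its patterns are local stand-ins constructed for this example; only .guardrail_name, .span and .span_id come from the page.

```python
import re
from dataclasses import dataclass, field

# Stand-ins for illustration only: these are NOT Peekr's classes. The page
# documents just .guardrail_name and .span on GuardrailError, and .span_id.
@dataclass
class Span:
    span_id: str
    violations: list = field(default_factory=list)  # hypothetical field

class GuardrailError(Exception):
    def __init__(self, guardrail_name, span):
        super().__init__(f"blocked by {guardrail_name}")
        self.guardrail_name, self.span = guardrail_name, span

# Constructed sample rules; real pack rules are managed server-side.
PACK = {
    "name": "DEMO_PACK",
    "prohibited_input": [re.compile(r"\bssn\s*[:=]?\s*\d{3}-\d{2}-\d{4}\b", re.I)],
    "prohibited_output": [re.compile(r"\bguaranteed returns?\b", re.I)],
    "required_disclosure": [re.compile(r"this is not financial advice", re.I)],
}

def guarded_call(model, prompt, span, pack=PACK):
    """Run one span through the input -> model -> output order described above."""
    # Step 1: input check. On a match the model is never invoked.
    for rx in pack["prohibited_input"]:
        if rx.search(prompt):
            span.violations.append(("input", rx.pattern))
            raise GuardrailError(pack["name"], span)
    text = model(prompt)
    # Step 2: output check. Record the violation on the span, then raise.
    hits = [("output", rx.pattern) for rx in pack["prohibited_output"] if rx.search(text)]
    hits += [("missing_disclosure", rx.pattern)
             for rx in pack["required_disclosure"] if not rx.search(text)]
    if hits:
        span.violations.extend(hits)
        raise GuardrailError(pack["name"], span)
    return text

def call_with_fallback(model, prompt, span, audit_log):
    """Step 3: catch the error, log the violation, return a safe fallback."""
    try:
        return guarded_call(model, prompt, span)
    except GuardrailError as e:
        audit_log.append({"guardrail": e.guardrail_name, "span_id": e.span.span_id,
                          "violations": list(e.span.violations)})
        return "Sorry, I can't help with that request."
```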

Available packs

Reference each pack by the exact name below, grouped by jurisdiction.

United States

HIPAA

Health data — HIPAA Privacy Rule

FDCPA

Debt collection — Fair Debt Collection Practices Act

FINRA

Securities — FINRA conduct rules

FAIR_HOUSING

Real estate — Fair Housing Act

EEOC_ADA

Employment — EEOC / Americans with Disabilities Act

UPL

Legal — Unauthorized Practice of Law

TCPA

Messaging — Telephone Consumer Protection Act

TILA_ECOA

Lending — Truth in Lending / Equal Credit Opportunity Act

European Union

GDPR

Data protection — General Data Protection Regulation

EU_AI_ACT

AI systems — EU Artificial Intelligence Act

United Arab Emirates

UAE_PDPL

Data protection — UAE Personal Data Protection Law

UAE_DIFC

DIFC Data Protection Law

UAE_ADGM

ADGM Data Protection Regulations

UAE_CBUAE

Central Bank of the UAE conduct rules

UAE_DHA

Dubai Health Authority health data rules

UAE_RERA

Real Estate Regulatory Agency rules

Saudi Arabia

KSA_PDPL

Data protection — KSA Personal Data Protection Law

For the marketing overview of what each pack covers, see the Guardrails page. For the local, in-process guards you can run on any plan, see the Guardrails docs.