Ambient AI Scribe Privacy Read Now
GLACIS logo GLACIS

Guides & Resources

Free guides on AI compliance, governance frameworks, and building trust infrastructure for regulated industries.

White Paper

The Proof Gap in Healthcare AI

Why compliance claims are no longer enough — and the evidence standard healthcare organizations should demand.

Jennifer Shannon, MD

Frameworks & Regulations

Framework

NIST AI RMF Implementation Guide

Master the NIST AI Risk Management Framework. Practical controls and evidence requirements.

20 min read Regulation

EU AI Act Compliance Guide

Risk classifications, prohibited practices, high-risk requirements, and implementation timeline.

22 min read State Law

Colorado AI Act (SB 24-205)

First comprehensive US state AI law. Impact assessments and June 2026 deadline.

16 min read State Laws

US State AI Laws Tracker

Comprehensive guide to state AI legislation. Colorado, Texas, Illinois, and emerging laws.

18 min read Privacy

Ambient AI Scribe Privacy Guide

Sharp lawsuit, CIPA liability, consent requirements. Navigate ambient clinical documentation risks.

15 min read Certification

ISO 42001 Certification Guide

The international standard for AI management systems. Requirements, timeline, and costs.

15 min read Healthcare

HIPAA Compliant AI Guide

BAA requirements, technical safeguards, common violations & architectural patterns.

12 min read Financial Services

SR 11-7 for AI Systems

OCC/Fed guidance applied to AI. Model validation and governance for financial services.

14 min read

Security & Risk

Security

LLM Security Guide

Prompt injection, data leakage, jailbreaking. Includes the GLACIS Defense Stack framework.

16 min read Security

Prompt Injection Prevention

The #1 LLM security vulnerability. Defense strategies and healthcare-specific controls.

18 min read Testing

AI Red Teaming Guide

Structured methodologies for testing AI safety, security, and reliability.

14 min read Framework

AI Risk Assessment Guide

The GLACIS Risk Matrix. Practical methodology and healthcare-specific considerations.

18 min read Security

AI Supply Chain Security

Model poisoning, data tampering. Third-party model risks and SBOM for AI.

12 min read Operations

AI Incident Response Playbook

Detection, containment, recovery, and post-incident analysis for production AI.

14 min read

Governance & Policy

Buyer's Guide

AI Governance Tools 2026

Compare the best tools. Risk management, model monitoring, and compliance automation.

18 min read Compliance

AI Audit Preparation

Evidence requirements, common findings, and the GLACIS Evidence Hierarchy.

16 min read Template

Generative AI Policy Template

Build your organization's GenAI policy. Acceptable use, data handling, and controls.

15 min read Data

AI Data Governance

Data lineage, quality controls, privacy compliance, and bias prevention.

18 min read Transparency

AI Explainability Guide

Making AI decisions transparent. Techniques, regulatory requirements, and implementation.

16 min read Procurement

AI Vendor Due Diligence

Evaluate AI vendors systematically. Security assessment and risk scoring.

16 min read Free Template

AI Security Questionnaire

50+ due diligence questions for evaluating AI vendor security.

Free Download

Career & Certifications

Career Guide

AI Security Certification Guide 2026

Compare ISACA AAISM, ISC2 AI certificates, prerequisites, costs, and career ROI.

18 min read Career Guide

AI Governance Certification Guide 2026

Compare IAPP AIGP, ISO 42001 Lead Implementer, prerequisites, and career ROI.

20 min read

Articles

AI Governance

The Three Layers of AI Security

Most AI security solutions cover runtime protection. But there's a critical third layer.

8 min read Regulation

EU AI Act Healthcare: What to Know

Most healthcare AI is classified as high-risk, triggering strict logging requirements.

10 min read Clinical AI Safety

When AI Hallucinations Become Malpractice

"One beer at a wedding" becomes "daily heroin use." Without evidence, who's liable?

9 min read Compliance

Why SOC 2 Won’t Protect You From AI Risk

SOC 2 and HITRUST are essential for IT security. But they weren't designed for AI.

7 min read State Regulation

Colorado AI Act for Healthcare Vendors

Colorado becomes the first US state to regulate high-risk AI on June 30, 2026.

8 min read AI Governance

Building AI Trust Through Evidence

The difference between "we have guardrails" and "here's proof."

7 min read Technical Deep-Dive

How We Used AI Without a BAA

Deploying an in-line redaction proxy that strips PHI before it reaches external APIs.

12 min read Infrastructure

Why We Built GLACIS on Cloudflare

Global latency, edge compute, and enterprise security via Cloudflare Workers Launchpad.

6 min read

Ready to Unblock Your Deals?

The Evidence Pack Sprint gives healthcare AI vendors board-ready compliance evidence in days, not months.

Learn About Evidence Pack Sprint