Skip to main content
All customers

Helix Health

Healthcare · Stockholm

GDPR-compliant routing across 4 regions with zero data retention

How Helix kept PHI off vendor logs while still using best-of-breed LLMs.

Zero-data-retention mode plus per-region routing was the only combination that passed our DPIA.

Marcus Lindqvist, Head of Platform

Challenge

Helix Health processes clinical-note summarisation for hospital networks across the Nordics. Every LLM call brushes against patient health information, which means every call has to clear a strict data-protection impact assessment: no prompt body retention, no training on customer data, no out-of-region routing.

The team had already negotiated zero-retention agreements with two providers — but ad-hoc, on a per-contract basis, with no programmatic guard that a request couldn't accidentally hit a non-DPA'd model.

Solution

Helix moved their entire inference stack to AllRoutes and switched on:

  • Zero-data-retention mode — flag zdr: true is enforced at the gateway layer. Any request to a model not covered by a ZDR agreement returns 451 Unavailable For Legal Reasons before the body ever leaves Helix's region.
  • Per-region routingregion: "eu-north" keeps requests inside the Frankfurt + Stockholm provider regions, never failing over to US endpoints even during incidents.
  • Audit logs — every routing decision and the provider it landed on is stored in ClickHouse for the auditor's six-month window.

Result

  • DPIA approved in a single review cycle — the auditor confirmed the gateway-level enforcement, no per-team training required.
  • Zero in-region failovers blocked in production — the routing constraint is enforced at request time, not after the fact.
  • One audit trail instead of four separate provider exports at quarter-end.

Ready to ship the same way?

Spin up an API key in under a minute. $5 in free credits gets you through the integration.