An AI supplier is asking for access to clinical, financial, or minors' data.
For procurement
No passport,
no purchase.
Scan the estate. Require the passport before a supplier reaches your data. Grant a visa for one context, with an expiry date — and refuse the renewal when the evidence has lapsed but the contract has not.
Third-party AI intake — declaration to visa (DORA register of information)
Intake
Provider · model · endpoint
Currents scan
Art. 6 route · Annex III test
Evidence call
Annex IV · Art. 10 bias file
Ripple issued
Signed · versioned · portable
Seal Review
DPO · CISO · Art. 14 owner
Droplet
Time-bound · re-scan on swap
Benefit Eligibility Model BE-1.4
Essential public assistance · Annex III 5(a) · GDPR Art. 22
Procurement is where the border actually stands.
Every AI system that reaches a patient record, a credit file, or a child’s account passed through a purchase order first. That is the last point at which a missing DPIA, an unexamined bias, or an agent with write credentials can still be refused at no cost.
The shift
From collecting claims to issuing clearances.
Without AL360° Oceans
- A new questionnaire for every supplier, comparable to nothing
- Evidence in email threads, PDFs, and a shared drive
- No record of which special-category data each system reaches
- DPO and CISO asked to sign without the basis to sign
- Renewal dates in a spreadsheet nobody opens until it is late
- Approval granted once, for everywhere, forever
- A silent model swap invalidates the file, and no one is told
With AL360° Oceans
- One passport per system, issued once, presented at every review
- Evidence sealed as signed Evidence Records, verifiable offline
- Art. 9, Art. 8, and Art. 22 exposure named per system in Atlas
- Role-bound queues: each reviewer sees only what they can defend
- Passports and visas expire on their own schedule, not the contract's
- A Droplet clears ONE context — a second context needs a second visa
- Model change detected; the passport reverts and the visa suspends
What gets closed
Four failures the purchase order is supposed to catch.
A new AI supplier, a new questionnaire, and no comparable evidence across any of them.
Require a Ripple. The passport is issued once by the provider and presented in the same structure at every review — comparable across suppliers, and against named EU AI Act and GDPR articles.
The DPO and CISO sign-offs are the bottleneck, and neither has the evidence to sign.
The passport routes to each role with only what that role can defend: Art. 9 and Art. 22 basis to the DPO; tool allowlist, credential scope, and Art. 12 logging to the CISO. Neither reviews what is not theirs.
The contract renews. The evidence does not.
Passports and visas expire on their own schedule, not the contract's. A renewal against lapsed evidence is refused at the gate rather than discovered at the audit.
The vendor swapped the model behind the endpoint and told no one.
A silent model swap reverts the passport's accuracy and bias sections to unproven and suspends every Droplet granted on them. The supplier is notified; the system stops at its next call.
The supplier gate
Scan. Require the passport. Grant the visa.
Every step is recorded: who cleared it, on what evidence, under which conditions, and until when.
Scan first
Currents opens the file on the AI already inside the perimeter — before the next supplier pitch.
Require the passport
No Ripple, no purchase. The provider issues once; you receive the same structure every time.
Route the review
DPO takes basis and special-category data. CISO takes tools, credentials, egress, and logging.
Grant or refuse the visa
A Droplet clears ONE context, on THIS data, under stated conditions — with an expiry date on its face.
Hold the register
Atlas keeps every passport, visa, and open gap. Renewal without refreshed evidence is not possible.
One case
A triage assistant wants access to the emergency department.
The request
A clinical directorate wants to deploy an AI triage assistant. It processes patient data — GDPR Art. 9 — and is Annex III high-risk under the EU AI Act. Where it is a medical device, MDR applies in parallel.
The scan finds
No Art. 35 DPIA. No Art. 10 bias examination — the model was validated on a cohort that does not match this catchment. No Art. 12 event logging. The model behind the API changed two quarters ago.
The gate
Procurement requires a Ripple before access. The DPO takes the Art. 9 basis and the DPIA; the CISO takes egress, credentials, and logging. Neither signs until the gaps close.
The clearance
A Droplet is granted for adult emergency intake only — read-only, oversight gate on every escalation, twelve-month expiry. Paediatric intake is refused: the population it was validated on is not this one.
Role handoff — under seal
Procurement
Requires the passport before access is discussed
DPO
Art. 9 basis, Art. 35 DPIA, Art. 10 bias examination
CISO
Tool allowlist, credential scope, egress, Art. 12 logging
Procurement
Grants the visa for one context — or refuses it
Each stage seals an Evidence Record: actor, rationale, conditions, timestamp.
Evidence coverage
What every passport answers before you sign.
Which personal data does the system reach, and on what basis?
Data categories with GDPR Art. 6 basis, Art. 9 condition, Art. 8 where minors are involved, Art. 22 where the decision is automated.
Was bias actually examined, or only described?
AI Act Art. 10 group disparity analysis — sealed as an Evidence Record, including proxy reconstruction from postcode, device, or pathway.
Can the human overseer actually intervene?
Art. 14 oversight design: which acts halt, for whom, and on what basis they can disagree with the output.
Has accuracy held since validation?
Art. 15 robustness re-tested against the current population — not the validation set from two model versions ago.
Is every event automatically logged?
Art. 12 traceability. For agents, every tool-call is a signed Evidence Record. Unlogged means unauthorised.
When does the clearance die?
Every passport and every visa expires. A renewal against lapsed evidence is refused at the gate.
Addressed
How the gate fits the process you already run.
“We already run a security questionnaire process.”
A questionnaire is answered by the party with the least incentive to disclose, in a format comparable to nothing. A passport is issued against named articles and sealed by diagnostics that ran on the provider's own data. When the model behind the endpoint changes, the questionnaire stays true and the passport does not.
“Legal handles our supplier reviews.”
AL360° Oceans does not perform legal review, and does not attempt to. It produces the technical and operational record legal cannot construct for itself: which special-category data the system reaches, whether bias was examined under Art. 10, whether oversight under Art. 14 can actually intervene, and whether accuracy has held since validation.
“We already require SOC 2 or ISO 27001.”
Those attest to how a supplier runs its company. They say nothing about whether this model was validated on a population that resembles your patients, whether its agent holds write credentials to your core systems, or whether its RAG corpus has ever been checked for injected instructions.
“This will slow down supplier onboarding.”
The first passport takes the provider an afternoon. Every subsequent review is answered from it in minutes. What is slow today is the sixth reconstruction of the same evidence — and the audit that finds the fifth one was wrong.
Step 1 — the scan
Open the file on your AI suppliers.
Ten working days. Then the gate holds.
Currents names every AI supplier already reaching health, financial, or minors' data, classifies each against Annex III, and hands procurement the queue of passports to require.
AffectLog provides technical and operational evidence to support AI access, supplier-risk, security, privacy, and governance review. Not legal advice, certification, notified-body conformity assessment, or regulatory approval.