AI Consulting in San Francisco

Stays inside your existing cloud footprint by default. For AWS shops, we deploy using Lambda or ECS depending on the workload, store any embeddings in whatever vector store you're already running or a managed option within AWS like OpenSearch, and route model calls through Bedrock if you need to stay fully in-region for data residency. For GCP, the equivalent path uses Cloud Run or Cloud Functions with Vertex AI model access. We introduce a third-party model vendor only when a specific capability requires it and you've approved the vendor relationship — for example, if you need a model not available through Bedrock or Vertex. In that case, we document the data flow, point you to the vendor's enterprise DPA, and help your security team evaluate it before the integration goes to production. The goal is to add a workflow capability without adding a new vendor relationship to manage if you can avoid it.

We don't start building until the compliance boundary is mapped. For FINRA-regulated workflows, that means identifying whether the output of the AI system could constitute a research report, a recommendation, or a communication with a customer — each of those has different supervisory and recordkeeping obligations under FINRA rules. If the workflow touches customer-facing communications, we build a human-review gate into the process rather than treating the AI output as final. On the recordkeeping side, we make sure any AI-generated content that would otherwise be a business communication is captured in the firm's existing compliance archiving system. For DFPI-licensed lenders and neobanks, the practical constraint is usually around adverse action notices and fair lending — any decisioning workflow gets a human in the loop and an audit log, not because we assume the model is biased but because the regulatory expectation is that you can explain every decision. The audit we run at the start of an engagement surfaces which specific workflows sit inside that boundary and which ones don't, so engineering and compliance can align before a line of code gets written.

It starts with the Business Associate Agreement — we sign as a business associate before any PHI or potentially PHI-adjacent data is in scope, and we document the covered-entity boundary explicitly so there's no ambiguity about what we're treating as protected. For most research ops workflows, we design around de-identified data wherever the research question allows it, which removes the most operationally complex constraints. When the workflow genuinely requires identifiable data — for example, coordinating regulatory submissions that reference specific patients in a trial — we keep the data in your existing infrastructure (Epic, REDCap, your institutional file storage) and build the AI layer to call into it with scoped read access rather than ingesting it into a third-party system. Model calls are routed through providers with HIPAA-eligible service agreements, which currently includes the enterprise tiers of Anthropic, OpenAI, and Azure OpenAI. We provide the data flow diagram and the vendor HIPAA documentation to your IRB or compliance office before go-live, because they'll ask for it and we'd rather you have it ready than be chasing it down during the review.

The practical answer is to build around principles that have been stable across regulatory cycles rather than optimizing for the current text of any specific bill. California AB 2013 (AI training data transparency) and SB 1047 (model safety) both got significant attention in 2024, and the CPRA amendments to CCPA have established an expectation of human review for consequential automated decisions. The pattern that survives these changes: keep humans in the loop for decisions with material consequences for individuals, maintain audit logs that can answer 'why did this system produce this output,' and document the data lineage for anything used to train or fine-tune a model. We build these controls into the initial architecture rather than retrofitting them — an audit log is cheap when it's in the original design, expensive when you're adding it to a system already in production. For clients operating in regulated industries, we also build the workflow documentation to be reviewable by outside counsel without requiring us to explain it, because CCPA enforcement complaints come with discovery obligations that move faster than most engineering teams expect.

The structural difference is that we build for your specific workflow, not a generalized version of your problem. Platform vendors solve for the median use case — their product works for the customer who fits the profile the product was designed around. If your operations have meaningful specificity (a compliance requirement, an unusual data architecture, a workflow that spans three systems that don't have native integrations), platform products tend to require workarounds that accumulate into maintenance debt. We start with the $99 AI readiness audit, which maps your actual workflows, identifies where the friction is, and produces a written assessment of what's worth automating and what isn't. That report is yours regardless of what comes next. If you move forward with a build, it's scoped to your specific environment, priced as a fixed-fee project, and handed off with documentation your own team can maintain. We don't charge per seat, per API call, or per workflow.