Book a demo

Immuta's AI Features

AI-powered Immuta features

AI platform and data processing

Data privacy with AI-powered features

Immuta’s AI-powered features currently leverage AWS Bedrock as the foundational model to simplify specific administrative functions related to managing the Immuta product and data access policies. The features use customer metadata within Immuta specific to the service to create insights or recommendations. Immuta metadata includes the following:

  • Any tags the customer places on tables/views or columns, either automatically or manually

  • Any groups or attributes the customer has assigned to users (not including usernames)

No customer data is transmitted, processed, or stored by the foundational model or shared with model providers or used to improve the base models.

Immuta has reviewed the AI features with our Office of the CISO, including a review by our privacy and legal counsel and our DPO. Immuta transmits, processes, and stores only metadata, specifically attribute names, group names, and tag names, which should not be specific enough to contain personal data. As such, data protection laws such as GDPR and CPPA would not apply. We also do not process PHI, so HIPAA is not applicable. Immuta's platform enables customers to control access to their own data, and, as such, our AI features would be categorized as either minimal risk or limited risk under the EU AI Act. For example, users could provide a natural language description of the type of data access control policy they would like to create in Immuta, and the Immuta AI feature will output a logical expression of a policy to be implemented in the Immuta platform. Users are informed that they are interacting with an AI system. U.S. Executive Order on AI Safety and Security (October 30, 2023) was revoked on Jan 20, 2025, and is longer effective.

Data protection with review assist

Review assist utilizes AWS Bedrock Anthropic Claude models to generate the justification. The AWS Bedrock user guide indicates that AWS and external parties, including Anthropic, cannot access either the prompts or completions and does not use them to train models. The AWS Bedrock user guide also states that prompts and completions are not stored.

Review assist is not designed to query or ship any of your actual data. It only leverages metadata, specifically user attribute names, group names, request form responses, and human-entered justifications from past determinations, which should not be specific enough to contain PII. The review assist recommendation calculation occurs on the Immuta SaaS platform, and only the relevant metadata to that recommendation is sent to Bedrock to generate the justification and does not tie that metadata to a specific user.

Finally, review assist does not automatically make determinations; Immuta will not make determinations on your behalf. The determination is proposed for human review before applying.

Data protection with copilot

Copilot utilizes AWS Bedrock Anthropic Claude models. The AWS Bedrock user guide indicates that AWS and external parties, including Anthropic, cannot access either the prompts or completions and does not use them to train models. The AWS Bedrock user guide also states that prompts and completions are not stored.

Immuta copilot is not designed to query or ship any of your actual data. It only leverages metadata, specifically attribute names, group names, and tag names, which should not be specific enough to contain PII. These are created into embeddings by the Claude embeddings model and indexed into your Immuta tenant.

Finally, Immuta copilot does not automatically apply any policy. Policies are proposed in draft form for human review before applying.

PreviousEncryption and Masking PracticesNextIntroduction

Last updated

Was this helpful?