Real-World Use Cases

See how teams use Clausi to achieve and maintain regulatory compliance

GDPR Compliance for SaaS Application

GDPR

Audit a web application handling EU citizen data for GDPR compliance

Scenario

A SaaS company processing customer data needs to ensure their codebase complies with GDPR requirements for data protection, consent management, and user rights.

Command

clausi scan /path/to/saas-app -r GDPR --format pdf

Typical Findings

  • Data retention policies not clearly defined in code
  • Missing encryption for personal data at rest
  • Insufficient logging for data access audits
  • No implementation of right-to-erasure endpoints

Benefits

  • Identify data protection gaps before audits
  • Demonstrate compliance efforts to customers
  • Reduce legal risk and potential fines
  • Speed up security certification processes

EU AI Act for Machine Learning Pipeline

EU-AIA

Ensure your ML model training and deployment meets EU AI Act requirements

Scenario

An AI company developing a high-risk AI system needs to comply with the EU AI Act requirements for transparency, human oversight, and risk management.

Command

clausi scan /path/to/ml-pipeline -r EU-AIA --mode thorough

Typical Findings

  • Missing documentation of training data sources
  • No human oversight mechanisms in inference code
  • Insufficient bias testing and mitigation
  • Lack of explainability features in model outputs

Benefits

  • Prepare for EU AI Act enforcement deadlines
  • Build trust with European customers
  • Avoid market access restrictions
  • Improve AI system quality and safety

HIPAA Compliance for Healthcare API

HIPAA

Validate that your healthcare API properly protects patient health information

Scenario

A healthcare technology startup building a patient data API needs to ensure HIPAA compliance for handling Protected Health Information (PHI).

Command

clausi scan /path/to/health-api -r HIPAA --format html

Typical Findings

  • PHI transmitted without proper encryption
  • Insufficient access controls for medical records
  • Missing audit trails for PHI access
  • No automatic session timeout implementation

Benefits

  • Pass HIPAA compliance audits
  • Secure partnerships with healthcare providers
  • Avoid costly data breach penalties
  • Protect patient privacy effectively

GitHub Actions CI/CD Integration

EU-AIA

Automatically scan for compliance issues on every pull request

Scenario

A development team wants to catch compliance issues early by integrating Clausi into their continuous integration pipeline.

GitHub Actions Workflow

name: Compliance Check

on:
  pull_request:
    branches: [main]
  push:
    branches: [main]

jobs:
  compliance-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.10'

      - name: Install Clausi
        run: pip install clausi

      - name: Run Compliance Scan
        run: |
          clausi scan . -r EU-AIA -r GDPR \
            --format json \
            --skip-confirmation \
            --max-cost 10.00

      - name: Upload Report
        uses: actions/upload-artifact@v3
        with:
          name: compliance-report
          path: audit.*

      - name: Comment PR
        if: github.event_name == 'pull_request'
        uses: actions/github-script@v6
        with:
          script: |
            const fs = require('fs');
            const report = JSON.parse(
              fs.readFileSync('audit_metadata.json', 'utf8')
            );

            await github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: `## Compliance Scan Results

              - **Regulations:** ${report.regulations.join(', ')}
              - **Files Scanned:** ${report.files_scanned}
              - **Critical Issues:** ${report.critical_count}
              - **Total Issues:** ${report.total_issues}

              View full report in artifacts.
              `
            });

Benefits

  • Catch compliance issues before they reach production
  • Automate compliance checks in code review
  • Generate compliance reports for stakeholders
  • Maintain compliance as codebase evolves

Multi-Regulation Enterprise Audit

EU-AIA, GDPR, SOC2

Comprehensive compliance audit across multiple regulatory frameworks

Scenario

An enterprise software company needs to demonstrate compliance with multiple regulations for different markets and customer requirements.

Command

clausi scan /path/to/enterprise-app -r EU-AIA -r GDPR -r SOC2 --format pdf

Typical Findings

  • Shared findings: Insufficient encryption standards
  • EU-AIA specific: Missing model explainability
  • GDPR specific: No data portability implementation
  • SOC2 specific: Inadequate change management logging

Benefits

  • Single scan for multiple compliance requirements
  • Identify overlapping compliance gaps
  • Reduce audit preparation time
  • Present comprehensive compliance posture

Cost vs. Traditional Compliance Audits

Method               Time            Cost                  Frequency
Manual Audit         2-4 weeks       $50,000 - $200,000    Annually
Consultant Review    1-2 weeks       $20,000 - $75,000     Quarterly
Clausi (v0.3)        5-30 minutes    $2 - $50              Continuous
Clausi (v1.0)        2-15 minutes    $0.20 - $5            Every commit

* Clausi complements but does not replace legal review. Always consult compliance experts for final certification.

Best Practices

Start Small

Begin with a single regulation and small codebase section to understand the tool and findings format.

Use .clausiignore

Exclude test files, dependencies, and generated code to reduce cost and focus on relevant code.

Estimate First

Always run clausi estimate before scanning large codebases to avoid surprises.

Integrate into CI/CD

Catch compliance issues early by running scans on pull requests and monitoring trends over time.

Review with Experts

Use Clausi reports as input for legal and compliance team reviews, not as final certification.

Track Progress

Save reports and compare over time to demonstrate continuous compliance improvement.
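One way to act on the CI/CD integration and the "Track Progress" practice together: a small gate that compares a saved baseline audit_metadata.json with the current one and fails the pipeline on regressions. This is an added example, not Clausi's own code; it assumes only the report fields the PR-comment script above reads (regulations, files_scanned, critical_count, total_issues), and the two sample reports and the pass/fail policy are constructed here.

```python
import json
from typing import Any

# Constructed sample reports standing in for two saved audit_metadata.json files
# (field names taken from the PR-comment script above; the values are made up).
BASELINE_JSON = '{"regulations": ["EU-AIA", "GDPR"], "files_scanned": 412, "critical_count": 3, "total_issues": 27}'
CURRENT_JSON = '{"regulations": ["EU-AIA", "GDPR"], "files_scanned": 430, "critical_count": 1, "total_issues": 22}'

REQUIRED = ("regulations", "files_scanned", "critical_count", "total_issues")


def load_report(text: str) -> dict[str, Any]:
    """Parse a saved report and refuse to proceed if an expected field is missing."""
    report = json.loads(text)
    missing = [key for key in REQUIRED if key not in report]
    if missing:
        raise ValueError(f"report is missing fields: {missing}")
    return report


def compare(baseline: dict[str, Any], current: dict[str, Any]) -> dict[str, Any]:
    """Return the delta between two reports and a verdict for the CI gate.
    Assumed policy (tune to your team): fail if any critical issue remains, or
    if the issue total rose while the set of regulations scanned stayed the same."""
    same_scope = set(baseline["regulations"]) == set(current["regulations"])
    delta_total = current["total_issues"] - baseline["total_issues"]
    delta_critical = current["critical_count"] - baseline["critical_count"]
    density = 100 * current["total_issues"] / max(current["files_scanned"], 1)
    failed = current["critical_count"] > 0 or (same_scope and delta_total > 0)
    return {
        "same_scope": same_scope,
        "delta_total": delta_total,
        "delta_critical": delta_critical,
        "issues_per_100_files": round(density, 2),
        "failed": failed,
    }


def main() -> int:
    """Exit non-zero on a failed gate so the CI step fails the pull request."""
    result = compare(load_report(BASELINE_JSON), load_report(CURRENT_JSON))
    print(json.dumps(result, indent=2))
    return 1 if result["failed"] else 0


if __name__ == "__main__":
    raise SystemExit(main())
```

In a workflow step, replace the two constants with the contents of the baseline artifact from the main branch and the freshly generated report, and let the exit code decide whether the pull request check passes.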

Ready to try these examples?

Install Clausi and run your first compliance scan today.
