Autonomous Freedom-of-Information AI · sealed on-prem black box
SentryVault answers access requests the way a flawless records officer would — except it has already read everything, remembered when it changed, and connected what relates. A sealed black box that catalogs every system, finds every responsive record, drafts the redactions, alerts the right people, and hands your officer a defensible package. Your officer decides. SentryVault does the search.
SentryVault is engineered to military-grade discipline for government and regulated industry. It assumes the data it holds is the most sensitive an organization has, and is designed — architecturally, not just by policy — so that information cannot leave except as a sealed, audited response to a named officer.
SentryVault continuously records data from every system, catalogs it bitemporally, and draws explicit and inferred connections by time, context, content, and human tags. A request routed into the fabric produces a complete, pre-redacted package — with the people who need to act already alerted.
Inbound-only connectors catalog records from every system — email, document stores, line-of-business apps, case files. The source of record stays in the source; SentryVault holds the map, the connections, and a governed, gated content index.
Every record and connection is stamped with when it was true and when SentryVault knew it. Where a source can't be read — a filing cabinet, a personal drive, a departed mailbox — SentryVault infers its existence from the evidence and flags it for a human check.
An incoming FOI request is parsed into scope and routed across the graph. SentryVault returns a map of what data exists where — what it can read directly, what needs an offline check, and what is known to exist but isn't retrievable.
SentryVault sends information-sharing alerts to the staff who may hold responsive records and offline-check tasks to custodians — each tied to the statutory clock. Their responses flow straight back into the package.
For every field, SentryVault proposes redactions with the specific statutory exemption cited and a rationale — embedded for the officer. Nothing is auto-applied. The officer accepts, modifies, or rejects.
The approved package leaves through a single sealed, integrity-hashed, recipient-bound gate — fully auditable, with a bitemporal trail an oversight commissioner can reconstruct exactly.
SentryVault installs as a single-purpose, single-organization appliance on infrastructure you control (or IAXOV-operated Canadian sovereign infrastructure). It is engineered so that data physically cannot be exfiltrated.
SentryVault is operated to controls aligned with SOC 2 Type II, ISO/IEC 27001, and ISO/IEC 42001 by design, and to Canadian access & privacy law. The controls below are how it earns a defensible release — and survives an appeal.
Every record and field carries a classification; access is denied unless a role is explicitly granted. The responding officer and the assembly service are the only readers of in-scope content, and only for an active request.
Personal information is masked before any model call and before any cache key — eight categories by default, extendable per workflow. Sensitive content never reaches reasoning in the clear.
Every access, index, package, and release is an immutable chain-of-custody event. Retained for seven years. Nothing is edited; history is the record.
SentryVault reconstructs exactly what existed, where, as of the request date and as it was known then — the two-axis history an access appeal demands.
Redaction proposals cite the specific section of the governing act (re-seeded per jurisdiction). The officer's decision and rationale are recorded for oversight.
The connected-systems catalogue, the model catalogue, and the control set are available to you on request and in advance of any audit. Model identity is anonymised by design to eliminate bias.
In one paragraph: SentryVault is a sealed, on-prem, single-organization black box that records every system bitemporally, connects what relates, and turns a Freedom-of-Information request into a complete, pre-redacted, fully-audited response package — alerting the staff who must act and inferring the offline sources that must be checked — while being architecturally incapable of leaking data and engineered to pass FOIP/HIA, PIPEDA, SOC 2, ISO 27001, and ISO 42001 review. The machine does the search; your officer makes the decision.
SentryVault is delivered as a managed service on Legion by IAXOV. Briefings are conducted under NDA for government and regulated-industry records, privacy, and security leadership.