HIPAA & sovereign deployments
Step-by-step guide to deploying xyner in HIPAA-aligned, sovereign-cloud or fully air-gapped environments.
HIPAA & sovereign deployments
This documentation page is part of the xyner platform documentation — a practitioner-oriented guide for engineers, architects and operations teams.
It assumes you have a working xyner workspace (request access via your sales contact if you don't) and familiarity with standard enterprise security primitives — OAuth2, RBAC, OpenTelemetry.
By the end of this page
You should be able to do each of the following with confidence.
- Understand the architecture and the relevant components.
- Apply the standard patterns to your environment.
- Avoid the most common deployment mistakes.
- Locate the right reference material (API specs, runbooks) when you need to go deeper.
- Engage our solutions architects effectively if you get stuck.
Three concepts to anchor on
Each of these is covered in detail in the appropriate platform documentation.
Control vs data plane
xyner separates the control plane (managed) from the data plane (in your VPC or on-prem). Everything in this guide respects that boundary.
Identity-bound execution
Every agent action is bound to a real principal — not a service account. Plan your RBAC and identity-provider integration early.
Audit-as-evidence
Every reasoning step, tool call and approval is captured for audit. This guide assumes that and references the audit schema as needed.
Where to go from here
Once you've completed this guide, the natural next step is to dive into the relevant API reference, run through the deployment runbook for your environment, and schedule a 30-minute session with our solutions architects to validate your design.
Ready to put autonomous agents to work?
See xyner in your environment with a guided executive demo.