Compliance and Agent Decisions: SOC2, PCI, HIPAA Notes
Auditors will ask. The control mappings, the evidence to retain, and the architectures that make compliance straightforward instead of painful.
What auditors will ask
Who authorised this action? The audit trail must show: agent identity, originating user/system, approval chain.
How do you ensure unauthorised actions cannot occur? Tool allowlists, RBAC, two-person approval, all documented.
How do you investigate agent errors? Reproducibility, audit logs, postmortem process for agent-caused incidents.
How do you protect data the agent processes? Redaction, encryption in transit and at rest, access controls.
SOC2 controls
CC7.2 (system monitoring): the agent's audit log satisfies this. Document the retention and review process.
CC8.1 (change management): agent prompt and code changes follow standard change management. PR reviews, approvals, deploys.
CC6.1 (logical access): the agent's access is RBAC-controlled. Document who can grant the agent new permissions.
PCI considerations
Cardholder data: the agent must not process raw PAN. Tokenise upstream; the agent sees tokens.
Audit trails: PCI requires retention for at least 1 year. Match your agent's audit log retention.
Access controls: the cardholder data environment (CDE) carries a tighter control set. Run the agent outside the CDE, or inside it only with extra restrictions.
HIPAA considerations
PHI: the agent must not retain PHI in prompts or logs without BAA-covered storage.
Encryption: AES-256 at rest and TLS 1.3 in transit; these are the standard expectations.
Minimum necessary: the agent's tools are scoped to the minimum data needed. "Just enough" is a HIPAA principle, not just a security one.
Architectures that make compliance easy
Tools as the authorisation boundary. The agent calls tools; tools enforce permissions; the agent has no power outside tools.
Audit logs immutable and append-only. Write them to object storage with object locks so records cannot be altered or deleted after the fact; auditors verify that in seconds.
Separate environments per data class handled. The agent that touches PHI runs in a HIPAA-compliant environment; the others run in standard environments.
Documentation: the architecture is described in a one-page document the auditor reads first.
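The two patterns above, tools as the authorisation boundary and an append-only audit trail that answers "who authorised this action?", sketched as a gateway in Python. This is an added example, not code from the original notes: the role, tool and approver names, and the hash-chaining scheme used to make tampering detectable, are assumptions chosen for illustration.

```python
"""Tool gateway as the authorisation boundary, with a tamper-evident audit trail.
Added example; role/tool names and the hash-chain design are assumptions."""
import hashlib
import json
import time
from dataclasses import dataclass, field

# Assumed RBAC: which tools each agent role may call, and which require
# two-person approval before the gateway will execute them.
TOOL_ALLOWLIST = {"support-agent": {"lookup_order", "issue_refund"}}
TWO_PERSON_TOOLS = {"issue_refund"}


@dataclass
class AuditLog:
    """Append-only log. Each record embeds the hash of its predecessor, so an
    edited or deleted earlier record breaks the chain and verify() reports it."""
    records: list = field(default_factory=list)

    def append(self, record: dict) -> dict:
        prev = self.records[-1]["hash"] if self.records else "0" * 64
        body = {**record, "prev": prev}
        digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        self.records.append({**body, "hash": digest})
        return self.records[-1]

    def verify(self) -> bool:
        prev = "0" * 64
        for rec in self.records:
            body = {k: v for k, v in rec.items() if k != "hash"}
            expected = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
            if body["prev"] != prev or expected != rec["hash"]:
                return False
            prev = rec["hash"]
        return True


def call_tool(log, agent_id, role, user, tool, args, approvers=()):
    """Gateway: enforce the allowlist and the two-person rule, then record agent
    identity, originating user, approval chain and decision. Returns the decision."""
    if tool not in TOOL_ALLOWLIST.get(role, set()):
        decision = "denied:not_allowlisted"
    elif tool in TWO_PERSON_TOOLS and len(set(approvers) - {user}) < 2:
        decision = "denied:needs_two_approvers"  # requester cannot self-approve
    else:
        decision = "allowed"  # the real tool call would happen here
    log.append({"ts": time.time(), "agent": agent_id, "role": role, "user": user,
                "approvers": sorted(approvers), "tool": tool, "args": args,
                "decision": decision})
    return decision
```

Every call, allowed or denied, lands in the log, so the audit trail is also the evidence that unauthorised actions were blocked rather than merely discouraged.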