Engagements that left the regulator satisfied and the partners quiet.
Names are withheld at the client's request. Outcomes are reported as measured at the close of the initial engagement. We are happy to discuss any of these in detail under NDA.
Three decades of matters, searchable inside the firm, with privilege intact.
A litigation practice with thirty years of filings, discovery, and internal memoranda was losing weeks of associate time on every matter to redundant search. The firm had explored public AI tools and rejected them under ABA Formal Opinion 512. The general counsel needed a system the firm controlled end to end.
We deployed ClerkBox inside the firm's own data center, indexed the entire matter archive under existing access controls, and instrumented every interaction with a privileged audit log. Ethical walls were enforced at the model layer, not the application layer.
“We had two options that satisfied the opinion. Forbid the technology, or own it. Feerstone gave us a way to own it without owning the engineering problem.”
Forty-eight clinics documented in-house, with no PHI ever in transit.
A hospital network spanning forty-eight clinics was losing nine to twelve clinician-hours per week, per physician, to documentation. Existing ambient scribe vendors routed protected health information through third-party infrastructure, which the chief privacy officer would not approve.
ScribeStation was deployed on hardware inside each facility, with inference running locally and notes synced into the existing EHR through the network's own integration layer. Clinicians retained final review and signature before commit.
“Our privacy officer signed the deployment memo on the first read. That has never happened with a vendor that touches charts.”
Decades of program documentation, made searchable inside a CMMC Level 2 boundary.
A supplier with multiple active programs could not give cleared engineers timely access to the documentation they were entitled to read. Each request created a paper trail and a delay. Public retrieval tools were disqualifying. The CMMC assessor required tamper-evident logging of any new system inside the enclave.
CMMC-Ready RAG was deployed inside the existing enclave, scoped to program-by-program access tied to facility clearances. Continuous evidence collection was wired into the assessor's preferred format from day one.
“We asked for a system the assessor would not flag and the engineers would actually use. We have not had to choose between the two.”
One AI program. Two regulators. No data across the line.
A bank with material operations in both Canada and the United States was facing two AI programs, two governance frameworks, and two infrastructure footprints. The board wanted one program. OSFI in Canada and the United States federal banking regulators wanted, in effect, two.
We architected a dual-entity AI program. Canadian workloads run on Canadian infrastructure under the Canadian entity. United States workloads run on the United States side. A shared governance layer reports to the board in one voice. Data does not cross the line.
“Feerstone gave us a program that satisfies both regulators without pretending the border does not exist. That is what we needed.”