Private AI trust model

Make the AI boundary inspectable.

WonderWave documents how a private AI pilot handles access, sources, redaction, approval, logging, and refusal behavior. Teams see the operating boundary before expansion, with each control captured in plain English.

Controls

Visible pilot controls.

Useful private AI work starts with visible controls. The pilot shows source access, review gates, redaction choices, and audit records before wider rollout.

1. Access control

Define who can use the workflow, who can review outputs, and which source libraries each role can reach.

2. Approved sources

Limit answers and drafts to selected documents, SOPs, forms, templates, or records approved for the pilot.

3. Redaction

Identify fields to mask, block, or keep out of prompt context during early testing.

4. Human approval

Keep client, patient, customer, financial, or legal outputs in review mode before final use.

5. Audit log

Record source use, risk flags, redactions, AI output, and reviewer decisions during the pilot.

6. Refusal rules

Define questions the assistant refuses, cases it escalates, and work that stays manual.

Audit panel

Security appears inside the workflow.

The pilot makes trust visible by showing why a result was generated, what sources were used, what was blocked, and who must approve it.

Pilot audit log (Audit view)

Latest run

  • Source read: approved claim file - Allowed
  • Sensitive field detected - Redacted
  • Hosted model request - Blocked
  • Reviewer assigned - Attorney

Review the boundary

Sensitive data deserves a visible boundary.

The first pilot review maps sensitive data categories and decides what the assistant can safely do.