Security and Controls
Guardrails, not compliance theater. Every workflow ships with human approvals, audit logs, permission mirroring, and a kill switch. You stay in control.
Why Guardrails Exist
Most automation tools let you build whatever you want with no safety net. Workflows send emails without approval. They process payments without caps. They run in production with no audit trail. When something goes wrong, you find out from a customer complaint.
DecarbDesk takes the opposite approach. Every workflow ships with the same controls your team already follows: approval gates, audit logs, hard caps, and a kill switch. Not because compliance requires it. Because your business requires it.
Human Approval Gates
Every high-value or sensitive action requires explicit human approval before executing. No workflow sends a payment, changes a record, or contacts a customer without someone on your team saying "yes" first.
Approvals happen in your team chat, your email, or a custom interface we build for you. Your team reviews the proposed action, sees the data involved, and confirms before the workflow proceeds. If nobody approves within your configured window, the action pauses and you get an alert.
Audit Logs
Every action taken by every workflow is logged with timestamp, input, output, and decision. You can review the complete history of any workflow at any time.
Logs are structured and searchable. If an invoice was processed last Tuesday, you can pull up exactly what the workflow did, what data it read, what it wrote, and who approved it. Full traceability from trigger to completion.
Permission Mirroring
Workflows never get more access than the human they replace. If your AP clerk can only approve invoices under $5,000, the workflow follows the same rule.
During setup, we map your existing permission structure and replicate it exactly. Role limits, dollar thresholds, and department boundaries are all enforced automatically. The workflow operates within the same constraints your team already follows.
Data Handling
Data stays in your existing tools. Workflows read and write through authorized API connections on your infrastructure. We do not store your data. Processing happens inside your environment.
API credentials are encrypted at rest and in transit. Connections use OAuth where available, and we follow the principle of least privilege: each workflow only gets access to the specific data it needs, nothing more.
Kill Switch
Any workflow can be paused or stopped instantly. One click. There is no waiting period, no queue, no "are you sure" confirmation chain.
Workflows fail safe. If something unexpected happens, they pause and alert you instead of continuing. An unrecognized vendor, an amount outside normal range, a missing field: the workflow stops and asks for help rather than guessing.
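The approval window, the mirrored role limit, and the fail-safe pause described above can be combined into one pre-execution gate. The sketch below is an added example, not DecarbDesk's code; the names `Policy`, `pre_check`, and `resolve`, and all sample values, are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum

class Decision(Enum):
    PAUSE = "pause_and_alert"
    AWAIT_APPROVAL = "await_human_approval"
    EXECUTE = "execute"

@dataclass(frozen=True)
class Policy:
    role_limit: float        # mirrored from the human role (assumed: 5000 for the AP clerk)
    normal_range: dict       # vendor -> (low, high); vendors not listed are unrecognized
    approval_window_s: int   # how long to wait for a human before pausing

REQUIRED = ("vendor", "invoice_no", "amount")

def pre_check(invoice: dict, policy: Policy, kill_switch: bool = False):
    """Return (Decision, reasons). The only non-pause outcome is AWAIT_APPROVAL."""
    if kill_switch:
        return Decision.PAUSE, ["kill switch engaged"]
    missing = [f"missing field: {f}" for f in REQUIRED if invoice.get(f) in (None, "")]
    if missing:
        return Decision.PAUSE, missing
    amount, vendor = invoice["amount"], invoice["vendor"]
    if isinstance(amount, bool) or not isinstance(amount, (int, float)):
        return Decision.PAUSE, ["amount is not a number"]
    if vendor not in policy.normal_range:
        return Decision.PAUSE, ["unrecognized vendor"]
    low, high = policy.normal_range[vendor]
    if not (low <= amount <= high):      # also false for NaN, so NaN pauses
        return Decision.PAUSE, ["amount outside normal range"]
    if not amount < policy.role_limit:
        return Decision.PAUSE, ["amount at or above mirrored role limit"]
    return Decision.AWAIT_APPROVAL, []

def resolve(approved_by, requested_at: float, now: float, policy: Policy,
            kill_switch: bool = False) -> Decision:
    """Execute only on an explicit approval; silence past the window pauses."""
    if kill_switch:
        return Decision.PAUSE
    if approved_by:
        return Decision.EXECUTE
    if now - requested_at >= policy.approval_window_s:
        return Decision.PAUSE
    return Decision.AWAIT_APPROVAL

# Constructed sample policy and invoice.
POLICY = Policy(role_limit=5000, normal_range={"Acme Supply": (100, 8000)},
                approval_window_s=3600)
OK = {"vendor": "Acme Supply", "invoice_no": "INV-1", "amount": 1200.0}
```

Note that `pre_check` has no path that returns `EXECUTE`: execution is reachable only through `resolve` with a named approver.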
No Lock-In
We build on open standards and open-source tools: SMTP for email, HTTP for APIs, PostgreSQL for data, Docker for deployment, Git for version control. Nothing proprietary sits between your tools and the workflow logic. Everything runs on your infrastructure.
Your data stays in your tools at all times. If you cancel, there is nothing to export, nothing to migrate, and nothing held hostage. We connect to your accounting software, your email, your spreadsheets. You walk away with everything exactly where it was.
Automated Safety Checks
Every workflow runs these checks before outputs reach your team. These are not optional add-ons. They ship with every build.
PII Pattern Detection
Documents and attachments are scanned for credit card numbers, social security patterns, and other sensitive data before processing. Flagged items route to manual handling and are never included in automated outputs.
Duplicate Record Detection
Invoice numbers, ticket IDs, and transaction records are cross-referenced against existing data at intake. Duplicates are caught before they create downstream reconciliation problems.
Compliance Phrase Scanning
Outbound communications are checked for required disclosures and prohibited language before reaching the approval gate. Rules are configurable per workflow and per industry.
Amount Anomaly Detection
Transactions and entries with values outside the normal range for that vendor, customer, or category are flagged automatically. The threshold adapts as the workflow processes more data.
Sensitive Data Redaction
When generating draft responses or summaries, the system strips sensitive data patterns from the output before it reaches the reviewer. Source documents are preserved intact. Drafts are clean.
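One way the PII scan and the draft redaction described above could work, shown as an added example rather than DecarbDesk's own code: card candidates are confirmed with the Luhn checksum to cut false positives, and redaction builds a new string so the source stays intact. The function names, the routing labels, and the sample text are assumptions.

```python
import re

# Candidate card numbers: 13-19 digits, optionally separated by spaces or hyphens.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")
# US SSN shape, excluding area/group/serial values that are never issued.
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum; filters out most digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_pii(text: str) -> list:
    """Return (kind, start, end) spans, ordered by position."""
    hits = []
    for m in CARD_RE.finditer(text):
        if luhn_ok(re.sub(r"[ -]", "", m.group())):
            hits.append(("card", m.start(), m.end()))
    hits += [("ssn", m.start(), m.end()) for m in SSN_RE.finditer(text)]
    return sorted(hits, key=lambda h: h[1])

def route(text: str) -> str:
    """Anything with a hit goes to a person; it never reaches automated output."""
    return "manual" if find_pii(text) else "automated"

def redact(text: str) -> str:
    """Build a clean draft; the source string itself is left untouched."""
    out, pos = [], 0
    for kind, start, end in find_pii(text):
        if start < pos:          # skip a span overlapping one already redacted
            continue
        out += [text[pos:start], f"[REDACTED {kind.upper()}]"]
        pos = end
    return "".join(out) + text[pos:]

# Constructed sample: a Luhn-valid test number, an SSN-shaped value, and a
# 16-digit reference that fails Luhn and is therefore not treated as a card.
SAMPLE = "Refund to card 4111 1111 1111 1111, SSN 123-45-6789, ref 4111 1111 1111 1112."

if __name__ == "__main__":
    print(route(SAMPLE))
    print(redact(SAMPLE))
```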
Urgency Signal Detection
Inbound communications are scanned for distress indicators, escalation keywords, and time-sensitive language. High-urgency items skip the normal queue and route directly to senior staff.
Compliance Readiness
SMBs in healthcare, finance, and legal need strong data controls. We build workflows that operate within your existing compliance boundaries.
Healthcare (HIPAA)
Data stays in your existing HIPAA-compliant systems. Workflows access only the minimum data required. Audit logs provide the traceability your compliance officer needs.
Finance (SOC 2)
Permission mirroring, encrypted credentials, and structured audit trails. Workflows follow the same approval hierarchies and dollar thresholds your team already uses.
Legal
Client data never leaves your document management system. Privilege boundaries are enforced in the workflow logic. Every action is traceable and auditable.
Specific compliance controls are scoped during the Diagnostic call and validated before go-live.
Questions about security?
We will walk through our controls, answer your questions, and show you how guardrails work in practice.