Compliance API documentation
The Compliance API documentation can be found here. Please note that you must be logged into your Enterprise workspace to view the API documentation.
How to get access
The Compliance API is only available to Enterprise customers. If you'd like to purchase an Enterprise plan for your organization, please reach out to our sales team or your account manager.
How it works
The Compliance API provides access to logs and metadata from your ChatGPT workspace that you can connect with your eDiscovery, DLP, or SIEM tools.
eDiscovery tools help in identifying, collecting, and delivering electronic information that can be used as evidence in legal cases.
Organizations use these tools during litigation, investigations, or audits. They enable legal teams to sift through large volumes of data to find relevant documents and communications efficiently.
DLP (Data Loss Prevention) tools are used to detect and prevent data breaches, data exfiltration, and the unauthorized use or access to sensitive information within an organization.
They are commonly used to protect intellectual property and ensure compliance with privacy laws and regulations such as GDPR, HIPAA, etc. DLP systems monitor, detect, and block sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage).
SIEM (Security Information and Event Management) tools provide real-time analysis of security alerts generated by applications and network hardware.
They are used for threat detection, security incident management, and compliance. By aggregating and analyzing log data, SIEM systems help identify anomalous behavior and potential threats.
To help with their compliance requirements, customers can take advantage of 8 Compliance API integrations built by leading eDiscovery and Data Loss Prevention (DLP) companies.
You can read more about the Compliance API in our blog post.
Data Retention with the Compliance API
Deleted data is not recoverable. This API does not provide the capability for deleting any data logged for audit or security within OpenAI. All authenticated requests to this API are logged for security and compliance purposes. When an item is deleted using this API, it is also removed from all internal search and retrieval indexes. Data is retained internally for no greater than 30 days following a deletion request.
Will you support any partner integrations?
We are partnering with some of the top compliance tools to provide an out-of-the-box integration to make your connection seamless. Please look out for updates from us later this year.