AI Control Plane · Patent Pending

Three Gates: classify, authorize, route.

Hearth and Alloy, Inc. (d/b/a Three Gates) builds the AI control plane for regulated industries. Every request is classified, authorized, and routed before reaching a model. Detected sensitive values are tokenized before model invocation, with an immutable audit trail behind every decision.

Healthcare available today · Government, legal, and financial verticals on the roadmap

Platform

The Three-Gate Architecture

Most AI safety tools observe what the AI does after the fact. Three Gates intercepts every request before model invocation. Each request passes through three sequential checks: what the data is, who is allowed to use it, and where it can safely go. Patent-pending.

GATE 1

Data Reality

Multiple independent layers contribute to detection coverage across HIPAA identifiers, healthcare codes, and domain-extensible markers for other regulated industries. Works on prompts, transcripts, and files.

“Can this data even be touched by AI?”

GATE 2

Purpose & Authority

Policy evaluates user role, task context, and data classification together, before any model invocation. Detected sensitive values are replaced with typed semantic tokens, and an independent verification layer confirms the request is safe.

“Is this user allowed to do this, right now?”

GATE 3

Risk-Based Routing

A composite risk score determines which approved model or provider a request is eligible for, or blocks it entirely. Organization-scoped allowlists and health-aware routing underneath, an immutable record above.

“Where, if anywhere, is this safe to send?”

Front Door

Start with the free PHI AI Readiness Assessment

A three-module diagnostic, about 30 minutes per employee, that produces an anonymized organizational readiness report your CISO can actually use. Baseline-locked scoring, no retake inflation. Individual scores are never shared. Report unlocks once five employees complete.

What it measures

PHI Identification: Can your team recognize protected health information in AI interactions, including the 18 HIPAA identifiers in realistic clinical text?
Safe AI Usage: When is a general-purpose AI appropriate? When is it disqualifying?
Policy Awareness: Do employees know your organization's AI usage policies well enough to apply them in the moment?
Incident Response: When something goes wrong, does your team know what to do, and how fast?

Sample Readiness Report

Organization Baseline: 62%
Identifying PHI: 71%
Safe AI Usage: 58%
Incident Prevention: 49%
Policy Awareness: 68%

Illustrative. Baseline is locked on first completion; retakes track improvement separately so the number your CISO sees reflects what the team actually knew.

The Platform

Three Gates: an AI control plane built for regulated industries

Healthcare is the live anchor vertical. Modules below are operational; design partner program open.

Product Snapshot
PHI Detected & Tokenized
3 entities found: PERSON (2), PHONE_NUMBER (1)
POLICY: Auto-tokenize

Can you help me draft an email to [PERSON_1] about their recent appointment? Their callback number is [PHONE_1].

I've prepared a professional follow-up email template:

Subject: Follow-up on Recent Appointment
Dear [PERSON_1],
Thank you for visiting our office...
We'll reach out to [PERSON_1] as requested.
Response cleared. No PHI exposed to model

PHI Detected · Tokenized · AI Response · Logged

What's shipped:

Admin Experience Modes: Managed, Standard, Advanced, Assessment tiers
Employee AI Training Module: 5 industry templates, 26 modules, OB3.0 certificates, SCORM/xAPI export
API Gateway / Proxy: drop-in compliance layer for any app, any major model provider
Browser Extension: side panel, floating button, encrypted session management
Workflow Gallery: pre-built healthcare workflows plus a visual builder
Compliance Command Center: health score, risk events, scheduled PDF reports
White-Label Theming: healthcare, government, legal, finance templates
Configuration Assistant: AI admin that manages policies, simulates rules, flags anomalies
Flexible deployment: subscribe-first SaaS, or run inside your own cloud tenant

Designed to support HIPAA Security Rule obligations • BAA-ready for healthcare customers • SOC 2 Type II audit planned, customer-engagement-gated • 7-year immutable audit retention • Deploy in our environment or yours

Keith Williams, Founder

17+ years building secure data systems

Founder's Perspective

Start with the team, not the tool.

AI adoption in regulated industries fails at the people layer long before it fails at the platform layer. Most organizations don't actually know what their teams would do with a ChatGPT tab open and a patient chart on the other screen.

That's why the front door to Three Gates is a free readiness assessment, not a sales pitch. Admins see an anonymized organizational scorecard (where the gaps are, which modules close them) and only then decide whether the platform underneath is worth a conversation.

The platform itself is the patent-pending Three-Gate control plane. Every AI request is classified, authorized, and routed before reaching a model; detected sensitive values are tokenized before model invocation, with an immutable audit trail behind every decision.

“Measure the team first. Earn the platform conversation second.”

About

Built for industries where “we'll figure it out” is not an answer

Hearth and Alloy, Inc. (d/b/a Three Gates) builds AI control-plane infrastructure for healthcare, government, legal, and finance. U.S. patent application filed; patent pending.

Designed to support HIPAA Security Rule obligations • BAA-ready for healthcare customers • SOC 2 Type II audit planned, customer-engagement-gated • Deploy in our environment or yours

Get in Touch

Three ways to start

Take the assessment

Free. Three modules, about 30 minutes per employee. Anonymous organizational scorecard unlocks at 5 completions.

Start Assessment

Request a demo

A walkthrough of the Three-Gate pipeline against your real scenarios.

Email Us

Design partner program

Shape the roadmap. Preferred pricing. Direct access to the founder.

Apply