AI Governance Glossary
122 terms covering DPDP compliance, Indian PII protection, AI safety, and LLM governance.
Aadhaar Masking
The process of hiding all but the last four digits of a 12-digit Aadhaar number before it reaches an AI model provider.
ABDM Compliance
Compliance with the Ayushman Bharat Digital Mission requirements for digital health data exchange and interoperability.
ABHA ID
Ayushman Bharat Health Account identifier — a 14-digit unique health ID used in India's digital health ecosystem.
Academic Integrity AI
AI systems used to detect plagiarism, cheating, and academic dishonesty, with governance controls for student privacy.
Adversarial Testing
Systematic testing of AI systems using inputs specifically designed to cause failures, expose vulnerabilities, or bypass safety controls.
Agent Onboarding
The process of registering a new AI agent with the governance platform, defining its purpose, permitted data types, and applicable policy packs.
Agentic AI
AI systems that operate with significant autonomy, making decisions and taking actions with minimal human oversight.
AI Agent
An autonomous AI system that can plan, reason, and take actions to accomplish goals, often using multiple tools and making sequential decisions.
AI Ethics
The moral principles and values that guide the development and use of artificial intelligence systems.
Anonymization
Irreversibly removing all identifying information from data so that individuals can no longer be identified, even with additional information.
API Key Rotation
The practice of regularly changing API keys used to authenticate with AI model providers to limit the impact of key compromise.
Audit Trail
An immutable, chronological record of all AI governance events including PII detections, policy decisions, model routing, and compliance actions.
Batch Processing
Processing multiple AI requests together rather than individually, often used for analytics, reporting, or bulk operations.
Bias Detection
The systematic identification of unfair or discriminatory patterns in AI model outputs across different demographic groups.
BODH Certification
A certification badge indicating that an AI model or application has passed configured evidence gates for healthcare governance compliance.
Breach Notification
The legal requirement to notify affected individuals and regulatory authorities within a specified timeframe when a personal data breach occurs.
Canary Deployment
A deployment strategy where new AI governance controls are rolled out to a small percentage of traffic before full deployment.
Circuit Breaker
An automated safety mechanism that halts AI agent operations when predefined risk thresholds are exceeded, preventing cascading failures.
Claims AI Governance
Governance controls for AI systems used in insurance claims processing, assessment, and fraud detection.
Clinical AI Safety
Safety controls for AI systems that provide clinical decision support, triage recommendations, or diagnostic assistance.
Compliance Automation
Using technology to automatically enforce, monitor, and report on regulatory compliance requirements.
Compliance Evidence
Documented proof that governance controls were applied to AI interactions, including detection logs, policy decisions, and audit records.
Compliance Pack
A pre-configured bundle of governance rules, detection patterns, and policy templates designed for a specific regulatory framework.
Compliance Score
A quantitative measure of an organization's adherence to regulatory requirements and governance policies for AI systems.
Consent Fatigue
The phenomenon where users become overwhelmed by frequent consent requests and begin accepting them without reading, undermining informed consent.
Consent Management
The system for obtaining, recording, and managing user consent for data processing, including AI-specific processing notices.
Content Safety
Controls that prevent AI systems from generating harmful, offensive, illegal, or inappropriate content.
Context Window
The maximum amount of text (measured in tokens) that a language model can process in a single request, including both the prompt and the generated response
Contract AI Compliance
Governance framework for AI systems that draft, review, and analyze legal contracts and agreements.
Cost Dashboard
A real-time monitoring interface showing AI spending broken down by application, model provider, policy pack, team, and time period.
Data Fiduciary
Under the DPDP Act, any entity that determines the purpose and means of processing personal data, including companies using AI to process customer informat
Data Lineage
The ability to trace the origin, movement, and transformation of data throughout its lifecycle in an organization.
Data Minimization
The principle of collecting and processing only the minimum personal data necessary for the stated purpose.
Data Processing Agreement
A legal contract between a data controller and data processor that specifies the terms of personal data processing, required under DPDP and GDPR.
Data Residency
The requirement that personal data be stored and processed within specific geographic boundaries, often within the country of origin.
Data Sovereignty
The concept that data is subject to the laws and governance structures of the country in which it is collected or processed.
Data Subject Rights
The rights granted to individuals regarding their personal data, including access, correction, erasure, and portability.
Differential Privacy
A mathematical framework for sharing information about a dataset while limiting what can be learned about any individual in the dataset.
DPDP Act 2023
The Digital Personal Data Protection Act, 2023 — India's comprehensive data protection law establishing obligations for data fiduciaries processing persona
Drift Detection
Monitoring AI model performance over time to detect when model behavior changes due to shifts in input data distribution or model degradation.
eDiscovery AI Governance
Controls for AI systems used in electronic discovery, document review, and litigation support.
EdTech AI Bias
Detection and mitigation of bias in educational AI systems that may disadvantage students based on language, region, or socioeconomic background.
Embeddings
Dense vector representations of text that capture semantic meaning, used for similarity search, clustering, and retrieval in AI systems.
Event-Driven Architecture
A software design pattern where system behavior is determined by events — significant changes in state — rather than sequential processing.
Explainability
The ability to provide clear, understandable explanations for AI model decisions and outputs to stakeholders, regulators, and affected individuals.
Federated Learning
A machine learning approach where models are trained across multiple decentralized devices or servers without exchanging raw data.
Fine-Tuning
The process of training a pre-trained language model on domain-specific data to improve its performance on particular tasks.
Fintech PII Governance
The practice of detecting and protecting financial personal data in AI systems used by fintech companies, including UPI IDs, bank account numbers, and cred
GDPR
The General Data Protection Regulation — the European Union's comprehensive data protection law that influences global privacy standards including India's
Governance API
A programmatic interface for managing AI governance controls, querying audit trails, and integrating governance into CI/CD pipelines.
Governance Dashboard
A centralized interface providing real-time visibility into AI governance metrics, compliance status, and risk indicators.
Guardrails
Automated safety controls that constrain AI model behavior within acceptable boundaries, preventing harmful, biased, or non-compliant outputs.
Hallucination
When an AI model generates information that is factually incorrect, fabricated, or not supported by its training data or provided context.
Health Data Consent
Specialized consent mechanisms for AI processing of health data, including explicit consent requirements and purpose-specific authorization.
Human-in-the-Loop
An AI system design where human review and approval are required for certain decisions, especially those with significant impact on individuals.
IFSC Code Detection
Identification of the Indian Financial System Code — an 11-character alphanumeric code identifying bank branches — in AI data streams.
Immutable Logging
A logging approach where recorded events cannot be modified or deleted after creation, ensuring the integrity of audit trails.
Incident Response
The organized approach to addressing and managing the aftermath of an AI security breach or compliance violation.
Indian Mobile Number Detection
Identification of 10-digit Indian mobile numbers starting with digits 6-9 in AI data streams.
Insurance Fraud Detection AI
AI systems that analyze claims patterns and policyholder behavior to detect fraudulent insurance claims.
IRDAI AI Guidelines
Insurance Regulatory and Development Authority of India's framework for AI adoption in the insurance sector.
ISO 42001
The international standard for Artificial Intelligence Management Systems, providing a framework for responsible AI development and deployment.
Jailbreak Detection
Automated identification of attempts to bypass AI model safety constraints through crafted prompts that override system instructions.
Kill Switch
An emergency mechanism to immediately halt all AI agent operations across an organization when a critical safety or compliance issue is detected.
Latency Budget
The maximum acceptable delay that governance controls can add to AI request processing without degrading user experience.
Learning Analytics Privacy
Privacy controls for AI systems that analyze student learning patterns, performance data, and behavioral metrics.
Legal AI Privilege
Governance controls for AI systems processing attorney-client privileged communications and legal work product.
Legal Research AI
AI systems that assist with legal research, case analysis, and regulatory interpretation.
Lending AI Governance
Governance controls specific to AI systems used in loan origination, underwriting, and credit decisioning.
Litigation AI Ethics
Ethical considerations for AI systems used in litigation, including fairness, transparency, and access to justice.
LLM Gateway
A proxy server that sits between your application and LLM providers, applying governance controls like PII redaction, cost tracking, and audit logging to e
Medical Record AI Processing
Governance controls for AI systems that process electronic health records, clinical notes, and diagnostic reports.
Minor Data Governance
Specialized governance controls for AI systems that process data about children and minors, including age verification and parental consent.
Model Card
A documentation framework that describes a machine learning model's intended use, performance characteristics, limitations, and ethical considerations.
Model Governance
The policies, processes, and controls for managing the lifecycle of AI models from development through deployment, monitoring, and retirement.
Model Inventory
A comprehensive registry of all AI models used within an organization, including their purpose, data inputs, risk level, and governance status.
Model Provider
A company that offers access to language models through APIs, such as OpenAI, Anthropic, Google, or DeepSeek.
Model Routing
The practice of directing AI requests to different model providers based on data sensitivity, cost, performance, or compliance requirements.
Multilingual PII Detection
The ability to detect personally identifiable information across multiple Indian languages including Hindi, Tamil, Telugu, Bengali, and Hinglish.
Output Scanning
The process of analyzing AI model responses for policy violations, PII leakage, harmful content, or hallucinated information before delivering them to user
PAN Card Detection
Automated identification of Indian Permanent Account Number cards using format validation (5 letters, 4 digits, 1 letter) in AI input and output streams.
Payment Data Protection
Controls for protecting payment card data, UPI identifiers, and bank account information in AI processing pipelines.
PII Redaction
The automated process of detecting and removing or replacing personally identifiable information from text before it is processed by an AI model.
Policy Pack
A pre-configured set of compliance rules that can be applied to AI agents, covering specific regulatory frameworks like DPDP, RBI, or SEBI.
Policyholder Data Protection
Controls for protecting policyholder personal data in AI-powered insurance operations.
Privacy by Design
An approach to system design that embeds privacy protections into the architecture from the beginning, rather than adding them as an afterthought.
Privacy Impact Assessment
A systematic evaluation of how a proposed AI system will affect the privacy of individuals whose data it processes.
Prompt Engineering
The practice of designing and optimizing prompts to elicit desired behavior from language models while maintaining safety and compliance.
Prompt Injection
An attack where malicious instructions are embedded in user input to manipulate an AI model into ignoring its system prompt or performing unauthorized acti
Proxy Architecture
A system design where AI requests pass through an intermediary server that applies governance controls before forwarding to model providers.
Pseudonymization
Replacing identifying information with artificial identifiers while maintaining the ability to re-identify data when authorized.
Purpose Limitation
The principle that personal data should only be processed for the specific purpose for which consent was obtained, not repurposed for other uses.
Rate Limiting
Controlling the number of AI API requests allowed per time period to prevent abuse, manage costs, and ensure fair resource allocation.
RBI AI Compliance
Adherence to the Reserve Bank of India's guidelines for AI adoption in financial services, including the FREE-AI framework and outsourcing guidelines.
RBI FREE-AI Guidelines
The Reserve Bank of India's framework for responsible and ethical AI adoption in the financial sector, covering transparency, fairness, and accountability.
Red Teaming
Systematic adversarial testing of AI systems to discover vulnerabilities, biases, and failure modes before they affect production users.
RegTech
Technology solutions designed to help organizations comply with regulatory requirements more efficiently and effectively.
Responsible AI
The practice of developing and deploying AI systems that are ethical, transparent, fair, accountable, and respectful of human rights and privacy.
Retrieval-Augmented Generation
An AI architecture that combines document retrieval with language model generation, pulling relevant context from a knowledge base before generating respon
Right to Erasure
An individual's right to request the deletion of their personal data from an organization's systems, also known as the right to be forgotten.
SAHI Framework
Safe and Accountable Healthcare AI — a governance framework for ensuring AI systems in healthcare meet safety, accountability, and transparency standards.
SEBI AI Guidelines
Securities and Exchange Board of India's regulatory framework for AI adoption in capital markets, covering algorithmic trading, advisory services, and risk
Shadow AI
Unauthorized or undocumented use of AI tools and models within an organization, outside the visibility of governance and compliance teams.
Shadow Mode
A testing mode where AI governance controls are evaluated but not enforced, allowing teams to see what would be blocked before enabling enforcement.
StreamGuard
A governance layer for AI messages flowing through event streams like Kafka, applying the same compliance controls used for HTTP API calls.
Student Data Protection
Controls for protecting student personal data in AI-powered educational platforms, with special provisions for minor data.
Synthetic Data
Artificially generated data that mimics the statistical properties of real data without containing actual personal information.
System Prompt
The initial instructions given to a language model that define its behavior, personality, constraints, and safety guidelines for a conversation.
Tamper-Evident Logging
A logging mechanism where each audit entry includes a cryptographic hash of the previous entry, making unauthorized modifications detectable.
Telemedicine AI Governance
Governance framework for AI systems used in telemedicine consultations, including symptom checkers, triage bots, and virtual health assistants.
Token
The basic unit of text processing for language models, typically representing a word, subword, or character depending on the tokenizer used.
Tool Use
The ability of AI agents to invoke external tools, APIs, and functions to perform actions beyond text generation.
Toxicity Detection
Automated identification of harmful, offensive, or abusive language in AI inputs and outputs.
Transaction Monitoring AI
AI systems that analyze financial transactions for fraud, money laundering, and suspicious activity patterns.
Trust Ledger
An immutable record of all trust-relevant events in an AI system, including governance decisions, compliance actions, and evidence artifacts.
Trust Score
A composite metric reflecting the overall governance health of an AI application, calculated from PII detection rates, policy compliance, and audit complet
Underwriting AI Fairness
Controls to ensure AI-driven insurance underwriting decisions are fair, non-discriminatory, and compliant with insurance regulations.
UPI ID Detection
Identification of Unified Payments Interface identifiers in the format user@provider within AI prompts and responses.
Vector Database
A specialized database designed to store and query high-dimensional vector embeddings for similarity search in AI applications.
Verhoeff Checksum
A mathematical algorithm used to validate Aadhaar numbers by checking the last digit against a computed checksum, reducing false positives in PII detection
Watermarking
Embedding invisible markers in AI-generated content to identify its origin and enable attribution.
Zero Trust AI
An AI security model where no request is trusted by default, and every interaction must be verified, authenticated, and authorized.