Home»Support»Centralpoint Glossary»Data Residency
  • Printer Friendly Version
  • Decrease Text SizeIncrease Text Size

Data Residency

Data residency is the requirement that data — including data used in AI training, inference, retrieval, and logging — remain within a specific geographic jurisdiction, typically driven by national sovereignty laws, sector-specific regulations, or contractual commitments to customers. Distinct from data localization (a stricter requirement that data be physically stored in country) and data sovereignty (the broader legal principle that data is subject to local law), data residency in practice usually means "store and process within this region's borders." Major drivers include the EU's GDPR (with adequacy decisions governing transfers outside the EEA), China's PIPL and CSL (with security review for outbound transfers), Russia's localization law, India's DPDP Act, Brazil's LGPD, Australia's Privacy Act, and sector-specific rules like HIPAA's BAA constraints, ITAR for defense data, and CJIS for criminal-justice data. For AI specifically, data residency now must extend across the full lifecycle: training data, model weights (which can encode training data), embeddings (which can be partially inverted), prompts (which often contain sensitive context), responses (which may leak training data), and logs (which contain the full prompt and response history). Cloud providers offer residency controls through region selection, sovereign cloud offerings (AWS GovCloud, Azure Government, Microsoft Cloud for Sovereignty, Google Sovereign Cloud, the European-led Bleu and S3NS sovereign clouds), and contractual commitments. On-premise deployment is the strongest residency guarantee — if the data never leaves the building, residency is enforced by physics. A practical residency posture includes a data-classification matrix tagging which data has which residency requirement, infrastructure choices aligned to each tier, and routing logic that prevents accidental cross-region flow. AI governance teams pair residency with provenance and lineage so that "this answer came from data subject to EU residency" is traceable end-to-end.

Residency is the original Oxcyon promise: Centralpoint installs on-premise — in the client's data center, behind the client's firewall, under the client's physical control — meaning data residency is enforced architecturally rather than contractually. That has been the Oxcyon model for 25 years. Tokens meter per skill, prompts stay local, and residency-respecting chatbots deploy through one line of JavaScript.


Related Keywords:
Data Residency,Data Residency,Oxcyon, AI, AI Governance, Generative AI, Inference, Inference, Inferencing, RAG, Prompts, Skills Manager,
Back