Compliance & Data Privacy
Before deploying to a regulated client, an architect must know exactly which features are Zero Data Retention eligible, how to prevent PHI leakage through schema caching, and how US-inference pricing affects committed capacity.
1. ZDR Eligibility Matrix
Zero Data Retention means Anthropic does not store inputs or outputs beyond serving the request. Know this table for the exam.
| Feature | ZDR Eligible? | Reason if Not |
|---|---|---|
| Adaptive Thinking | Yes | N/A |
| Effort parameter | Yes | N/A |
| Citations | Yes | N/A |
| Structured Outputs | Yes | N/A |
| Web Search / Web Fetch (standard) | Yes | N/A |
| Compaction | Yes | N/A |
| Bash, Computer Use, Text Editor | Yes | N/A |
| Message Batches API | No | Inputs/outputs stored server-side up to 29 days |
| Files API | No | Files stored server-side |
| Code Execution | No | Execution state held server-side |
| Agent Skills | No | Skill data follows standard retention |
| MCP Connector | No | Requires server-side routing |
| Web Search/Fetch + Dynamic Filtering | No | Code execution required; stores intermediate state |
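One way to make the table actionable during an architecture review is to encode it as a lookup and flag any component that breaks ZDR. The sketch below is illustrative only: the dictionary mirrors the rows above, while the function name `zdr_blockers` and the sample architecture are hypothetical.

```python
# ZDR eligibility as listed in the table above (feature name -> eligible?).
ZDR_ELIGIBLE = {
    "Adaptive Thinking": True,
    "Effort parameter": True,
    "Citations": True,
    "Structured Outputs": True,
    "Web Search / Web Fetch (standard)": True,
    "Compaction": True,
    "Bash, Computer Use, Text Editor": True,
    "Message Batches API": False,
    "Files API": False,
    "Code Execution": False,
    "Agent Skills": False,
    "MCP Connector": False,
    "Web Search/Fetch + Dynamic Filtering": False,
}


def zdr_blockers(features):
    """Return the features that are not ZDR eligible, in input order.

    Unknown feature names raise KeyError so that a typo is never
    silently treated as eligible.
    """
    return [name for name in features if not ZDR_ELIGIBLE[name]]


# Hypothetical architecture, used only for illustration.
architecture = ["Citations", "Structured Outputs", "Files API", "MCP Connector"]
print(zdr_blockers(architecture))
```

An empty result means every listed component is ZDR eligible according to the table; any returned name needs a redesign or an explicit exception in the compliance memo.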
2. HIPAA Safeguards: Schema Caching Risk
For healthcare-related marketing, PHI must never appear in JSON schema definitions.
- Why: Structured output schemas (tool definitions, `output_config`) are compiled and cached separately from message content, so they may be treated differently under your BAA.
- Rule: Field names in schemas should be generic (`"patient_id"` → `"record_id"`). Actual PHI values belong in message content only, never in schema property names or descriptions.
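The rule above can be checked mechanically before a schema ships. The following is a minimal sketch, not a compliance tool: the `PHI_HINTS` denylist and the function `find_phi_hints` are hypothetical names chosen for illustration, and simple substring matching will produce both false positives and false negatives.

```python
# Hypothetical denylist of name fragments that suggest PHI; extend it
# to match your own compliance policy.
PHI_HINTS = ("patient", "ssn", "dob", "diagnosis", "mrn")


def find_phi_hints(schema, path="$"):
    """Recursively collect (path, text) pairs where a key or a
    description string in a JSON schema contains a PHI-suggestive fragment."""
    findings = []
    if isinstance(schema, dict):
        for key, value in schema.items():
            child = f"{path}.{key}"
            # Flag suspicious keys (this covers property names).
            if any(hint in key.lower() for hint in PHI_HINTS):
                findings.append((child, key))
            # Flag suspicious free-text descriptions.
            if key == "description" and isinstance(value, str):
                if any(hint in value.lower() for hint in PHI_HINTS):
                    findings.append((child, value))
            findings.extend(find_phi_hints(value, child))
    elif isinstance(schema, list):
        for index, item in enumerate(schema):
            findings.extend(find_phi_hints(item, f"{path}[{index}]"))
    return findings


# Illustrative schema: one risky field name, one generic field name.
schema = {
    "type": "object",
    "properties": {
        "patient_id": {"type": "string", "description": "Opaque identifier"},
        "record_id": {"type": "string"},
    },
}
for location, text in find_phi_hints(schema):
    print(f"{location}: {text}")
```

Running a check like this in CI gives reviewers a concrete list of schema locations to rename before the schema is ever sent with a request.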
3. US Inference Pricing Multiplier
Setting `inference_geo: "us"` restricts compute to US infrastructure and incurs a 1.1x pricing multiplier on all token categories for Claude Opus 4.6 and newer models.
- Priority Tier impact: Each token processed with `inference_geo: "us"` draws down 1.1 tokens from your committed TPM capacity. The multiplier applies to Priority Tier burndown, not just standard billing.
- ZDR compatibility: Data Residency (`inference_geo`) is ZDR-eligible. You can combine US-only inference with ZDR for the highest data protection posture.
The 1.1x multiplier applies to Opus 4.6 and above, not to Haiku or Sonnet models below that threshold. When a client asks for US-only inference on a cost-sensitive workload, recommend Haiku 4.5 (unaffected by the multiplier) for high-volume steps and reserve Opus for strategic reasoning only.
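The arithmetic behind the multiplier can be sketched as follows. This is an illustration under stated assumptions: the function names are hypothetical, `multiplier_applies` is a flag the caller sets based on the model threshold described above, and the price in the usage lines is a made-up placeholder rather than a published rate. `Decimal` is used so that 1.1 is represented exactly.

```python
from decimal import Decimal

US_GEO_MULTIPLIER = Decimal("1.1")  # multiplier stated in this section


def priority_tier_burndown(tokens, us_only, multiplier_applies):
    """Committed-capacity tokens consumed when `tokens` are processed.

    us_only: True when the request sets inference_geo to "us".
    multiplier_applies: True when the model is subject to the multiplier.
    """
    if us_only and multiplier_applies:
        return Decimal(tokens) * US_GEO_MULTIPLIER
    return Decimal(tokens)


def billed_cost(tokens, price_per_million, us_only, multiplier_applies):
    """Cost for `tokens` at a caller-supplied price per million tokens."""
    effective = priority_tier_burndown(tokens, us_only, multiplier_applies)
    return effective / Decimal(1_000_000) * Decimal(price_per_million)


# 1,000,000 tokens on a model subject to the multiplier, US-only inference.
print(priority_tier_burndown(1_000_000, us_only=True, multiplier_applies=True))

# Same volume on a model the multiplier does not apply to.
print(priority_tier_burndown(1_000_000, us_only=True, multiplier_applies=False))

# Hypothetical price of 10 currency units per million tokens.
print(billed_cost(2_000_000, Decimal("10"), us_only=True, multiplier_applies=True))
```

For a model subject to the multiplier, 1,000,000 US-only tokens consume 1,100,000 tokens of committed capacity, which is why routing high-volume steps to a model outside the threshold preserves both budget and Priority Tier headroom.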
Lab Exercise: Compliance & Data Privacy Review
Self-driven lab: `Module9_Self_Driven_Lab.ipynb`
Objective: evaluate an agent architecture for ZDR, regional inference, and regulated-data risks.
- Create a feature matrix that marks each component ZDR-eligible or not.
- Add `inference_geo: "us"` where appropriate and calculate the policy/cost implication.
- Review schema caching or prompt caching choices for regulated data exposure.
- Define a human escalation trigger for privacy-sensitive or policy-uncertain actions.
Deliverable: a compliance review memo for the advanced agent architecture.