Data Residency

Amigo supports multi-region deployments with organization-level data isolation. Each organization is scoped to a single region, and data does not leave that region.

Available Regions

The Platform API uses a single global endpoint (api.platform.amigo.ai) that routes to the correct regional infrastructure based on the workspace's configured region.

Organization-Level Isolation

Each organization is bound to a single region at creation time. All data generated by that organization - conversations, world model events, entity projections, call recordings, agent configurations - stays within the region's infrastructure. There is no cross-region data replication.

MongoDB sharding is keyed by organization, which means each org's data is physically isolated at the storage layer. This is not just access control - the data is stored separately.

Multi-Region Deployments

If you operate across multiple regions (for example, clinics in both the US and Canada), you create a separate organization in each region. Each organization has its own API endpoint, its own data store, and its own set of workspaces. The Deployment Model page covers multi-org tenancy patterns for this use case.

PHI Handling

Protected health information is isolated at the workspace level within each organization. PHI is encrypted at rest and in transit. Workspace boundaries enforce that one clinic's patient data is not accessible to another clinic's workspace, even within the same organization.

Compliance Considerations

Region selection determines which jurisdiction's data protection rules apply to your deployment. US deployments operate under HIPAA. Canadian deployments must account for PIPEDA and provincial health information acts. EU deployments fall under GDPR. Australian deployments are subject to the Privacy Act and My Health Records Act.

Amigo's region isolation ensures that data stays within the jurisdictional boundaries your compliance team requires. For audit and compliance controls, see Compliance and Audit.