Heimdall is the control layer between every healthcare application and every AI model it calls. It decides which model answers, in which jurisdiction, under which policy, and keeps the record a regulator can read without a translation layer.
Bifrost is the bridge.
Heimdall decides who crosses.
Every health system is now running AI traffic it cannot fully account for.
A clinician summarises a discharge note and the tokens leave the country. A vendor embeds a frontier model and the data-processing agreement says, in effect, trust us. AI gateways exist, and they are multiplying, but they route on two questions: which model is cheapest, and which is fastest.
Healthcare has a third question. It is the one that ends careers when answered badly:
Where did the data go?
Routing on cost is a procurement feature. Routing on jurisdiction is a governance requirement. No gateway on the market treats it as the primary axis. Heimdall does.
Residency is not a region toggle. It is the routing logic itself, resolved before anything else, every time.
Every request carries a jurisdiction policy. A query from a Berlin hospital is answered inside German borders by an approved model, or it is refused. When the policy engine cannot be evaluated, identifiable data does not move. Fail-closed is the default, not the exception.
A frontier model for genuine reasoning. An owned model on Bifrost for clinical workloads that can never leave the tenancy. A small, fast model for the 80% of traffic that does not need a cathedral. The model is chosen at request time, by task class and depth, never hard-coded into the application.
Failover, caching, token-level metering, hard spend controls: the gateway category's table stakes, present and accounted for. The router seeks the cheapest compliant supply, and the weighting is deliberate. Compliance trumps cost, every time.
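The ordering described above (jurisdiction resolved first, refusal when the policy cannot be evaluated, cost used only to rank compliant supply) can be sketched as follows. This is an added illustration, not Heimdall's code: the catalogue, prices, tenant name, policy shape and function names are all constructed assumptions, and this sketch refuses every data class when the policy is unavailable.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Model:
    name: str
    jurisdiction: str        # where inference physically runs
    cost_per_1k: float       # constructed price, arbitrary units
    task_classes: frozenset  # task classes the model is approved for

class PolicyUnavailable(Exception):
    """The policy engine could not be evaluated."""

# Constructed catalogue and policy table, for illustration only.
CATALOGUE = [
    Model("owned-specialist-de", "DE", 0.40, frozenset({"report.draft"})),
    Model("small-fast-de", "DE", 0.05, frozenset({"note.summarise"})),
    Model("frontier-us", "US", 0.02, frozenset({"report.draft", "note.summarise"})),
]
POLICIES = {
    # tenant -> data class -> jurisdictions that class may be processed in
    "berlin-hospital": {"identifiable": {"DE"}, "anonymised": {"DE", "US"}},
}

def load_policy(tenant, policies):
    # A missing store or unknown tenant counts as "cannot be evaluated".
    if policies is None or tenant not in policies:
        raise PolicyUnavailable(tenant)
    return policies[tenant]

def route(tenant, task, data_class, policies=POLICIES, catalogue=CATALOGUE):
    """Return a decision record; jurisdiction is resolved before cost."""
    try:
        allowed = load_policy(tenant, policies).get(data_class, set())
    except PolicyUnavailable:
        # Fail closed: without an evaluated policy, nothing is routed.
        return {"decision": "refuse", "reason": "policy_unavailable", "model": None}
    compliant = [m for m in catalogue
                 if m.jurisdiction in allowed and task in m.task_classes]
    if not compliant:
        return {"decision": "refuse", "reason": "no_compliant_model", "model": None}
    # Cost only ranks supply that has already passed the jurisdiction check.
    best = min(compliant, key=lambda m: m.cost_per_1k)
    return {"decision": "route", "reason": "cheapest_compliant",
            "model": best.name, "jurisdiction": best.jurisdiction}
```

A data class the tenant's policy does not mention resolves to an empty jurisdiction set, so it is refused rather than routed by default.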
Every decision is logged: which model, which jurisdiction, which policy, which path. The audit trail is the product as much as the routing is.
Heimdall does not pretend that residency equals sovereignty. It names each tier honestly, records the choice in the ledger, and lets the customer's signed policy decide what is permitted for which class of data.
Bifrost GPU capacity inside the tenancy. A target ~70% of traffic, at utilisation economics. Pinned for the life of an OEM certification.
A frontier model in the customer's jurisdiction, reached only with a pseudonymised payload. Residency ≠ sovereignty, and the policy says which the customer chose.
Open pools, only for classes a tenant's signed policy explicitly permits, anonymisation-grade by default. The human review queue, the hard 5%, sits alongside as a supply rung, not a residency tier.
Targets from the functional specification, not measured production figures. Live numbers, named pilot, supported models, jurisdictions at GA, published at launch. No placeholders survive to print.
Who suspect, correctly, that AI usage in their organisation is larger and leakier than reported, and need an answer they can hand to a regulator.
Embedding AI into PACS, reporting and pathology, who need a sovereignty answer their hospital customers will actually accept at contract.
For whom Heimdall ships as the default front door to AI, sovereignty controls and a full audit trail from day one, in front of the models they already use.
One record per request, across every pool, append-only, hash-chained, in-jurisdiction. It powers metering, simulation and the evidence pack a compliance officer hands to a regulator. Both sides of every contract read the same rows. That is what makes the contracts honest.
09:41:07Z report.draft.ct-chest 3v-rad-32b@2.3.1 SOV-UK/LHR in 6,214 (3,090 cached) · out 482 · 1.74s · per-study
09:52:33Z priors.synthesise.onc frontier@pinned RES-UK 11 calls · in 48,910 · out 6,240 · 41.2s · geo:UK · ZDR
09:53:14Z escalation.consultant human QUEUE confidence 0.71 < 0.80 · playbook:onc.synth.v3 · queued
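What "append-only, hash-chained" buys an auditor can be shown with a small verifier. This is an added example, not Heimdall's ledger format: the row layout, field names and SHA-256 construction are assumptions, and the sample rows reuse values from the ledger lines above.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed anchor value for the first row

def digest(seq, prev_hash, body):
    # Canonical JSON so the same record always hashes to the same value.
    payload = json.dumps({"seq": seq, "prev": prev_hash, "body": body},
                         sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()

def append(ledger, body):
    """Append one request record, bound to the previous row's hash."""
    seq = len(ledger)
    prev_hash = ledger[-1]["hash"] if ledger else GENESIS
    row = {"seq": seq, "prev": prev_hash, "body": body,
           "hash": digest(seq, prev_hash, body)}
    ledger.append(row)
    return row

def verify(ledger):
    """Return the index of the first row that fails, or -1 if the chain is intact."""
    prev_hash = GENESIS
    for i, row in enumerate(ledger):
        if row["seq"] != i or row["prev"] != prev_hash:
            return i  # row removed, reordered, or predecessor rewritten
        if row["hash"] != digest(i, prev_hash, row["body"]):
            return i  # row content edited after it was written
        prev_hash = row["hash"]
    return -1

def build_sample():
    # Constructed rows using values from the sample ledger lines above.
    ledger = []
    append(ledger, {"ts": "09:41:07Z", "task": "report.draft.ct-chest",
                    "model": "3v-rad-32b@2.3.1", "tier": "SOV-UK/LHR"})
    append(ledger, {"ts": "09:52:33Z", "task": "priors.synthesise.onc",
                    "model": "frontier@pinned", "tier": "RES-UK"})
    append(ledger, {"ts": "09:53:14Z", "task": "escalation.consultant",
                    "model": "human", "tier": "QUEUE"})
    return ledger
```

Editing a row is caught at that row; editing a row and recomputing its hash is caught at the next row. The chain only proves integrity up to its latest hash, so that value has to be held somewhere the ledger's operator cannot rewrite.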
Today a PACS calls a frontier API; a pathology viewer calls a cloud model. Nothing sits between the request and the model: no policy, no jurisdiction, no meter, no record. That direct line is where the risk lives.
Inference is a variable cost inside a fixed-price product. Margin erodes silently, invoice by invoice.
A request leaves the jurisdiction the moment it hits a foreign endpoint. Procurement finds it before the regulator does.
The EU AI Act and its successors demand logging, traceability and oversight evidence. A direct API call produces none.
Wire an app to one vendor's endpoint and the model becomes load-bearing. Switching means re-validation, so nobody switches.
The model you validated at version X silently becomes X+1. In a clinical workflow that is a safety event, with no record it happened.
When the regulator, board or buyer asks what the AI did, there is no answer. The decisions happened; nothing recorded them.
Six failures, one root cause: nobody owns the layer between the application and the model. Heimdall is that layer.
A radiologist's viewer does not ask for a named model in a named region. It declares a task ("draft this report") and a data class. Heimdall resolves the rest: the policy that applies, the jurisdiction that binds it, the cheapest compliant model that can serve it, and the immutable record that proves it happened the way it was meant to.
Sovereign AI Routing (n.) the infrastructure layer that classifies, governs, routes and accounts for every AI request between an application and the models that serve it, under the legal authority of a chosen jurisdiction.
Ship AI inside a fixed-price product without shipping an unbounded cost. Per-study economics, sovereignty controls and the audit trail procurement will ask for.
viewer.report.draft → classify → UK policy → owned specialist → £/study → ledger
Govern every AI request that leaves your estate, across every vendor, under one policy, one ledger, one evidence pack. Control what you already bought.
any-AI-call → classify → trust policy → approved model → budget → evidence
Gigapixel slides, heavy inference, strict residency. Route per-region analysis to in-country models, price per slice, prove every read stayed onshore.
slide.region.analyse → classify → DE policy → in-region model → per-slice → ledger
Draft reports and summarise priors at validated, version-pinned quality, with the model frozen for the certification lifetime, not silently upgraded mid-workflow.
report.draft / priors.summarise → policy → cheapest-compliant → per-study
Ambient and structured documentation over identifiable data, kept sovereign by default, metered per encounter, recorded for every note.
note.ambient.draft → classify (PHI) → sovereign model → budget → ledger
Give autonomous agents a governed substrate. Every tool call and model step is classified, permitted, budgeted and recorded: agency without blind spots.
agent.step → classify → policy → resolve → envelope → ledger (per step)
Sovereign AI Routing is not a feature a generalist bolts on. It requires owning the compute, knowing the regulation, and already standing inside the healthcare estate. 3verest does.
Every line of the platform is built for one industry. Clinical reality is the design brief, not a retrofit.
A sovereign footprint across the UK, Europe, Australia, the US and Canada. Heimdall routes to capacity 3verest owns, not rents.
Owned, in-region inference behind the gate. Version stability for a certification lifetime needs owned weights and hardware.
The EU AI Act, UK GDPR and NHS frameworks, the Australian Privacy Act, encoded as routing logic, not bolted on as disclaimers.
Already co-selling with the imaging and clinical-systems vendors whose AI Heimdall governs. In place, not aspirational.
Heimdall · by 3verest
Heimdall sees every model. Heimdall chooses the path.
Deploy in front of the frontier models you already use, and gain sovereignty controls and a full audit trail immediately. Bifrost is already standing behind the gate.