---
title: "Regional Compatibility"
canonical: "https://helm.docs.mindburn.org/product/regional-compat"
source: "helm-ai-enterprise/docs/public/product/regional-compat.md"
edit: "https://github.com/Mindburn-Labs/helm-ai-enterprise/edit/main/docs/public/product/regional-compat.md"
section: "helm-ai-enterprise"
access: "public"
sensitivity: "public"
last_reviewed: "2026-04-29"
checksum_sha256: "sha256:1ad52b450a0a297505ecaf367cb670b58d5f1949137a1e484c310df54dc86d97"
build_timestamp: "2026-05-24T13:40:27.882Z"
---
# HELM Regional Compatibility

## Audience

## Outcome

After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim.

## Source Truth

- Public route: `product/regional-compat`
- Source document: `helm-ai-enterprise/docs/public/product/regional-compat.md`
- Public manifest: `helm-ai-enterprise/docs/public-docs.manifest.json`
- Source inventory: `helm-ai-enterprise/docs/source-inventory.manifest.json`
- Validation: `corepack pnpm run docs:coverage`, `corepack pnpm run docs:truth`, and `npm run coverage:inventory` from `docs-platform`

Do not expand this page with unsupported product, SDK, deployment, compliance, or integration claims unless the inventory manifest points to code, schemas, tests, examples, or an owner doc that proves the claim.

## Troubleshooting

| Symptom | First check |
| --- | --- |
| A link or route is missing from the docs website | Check `docs/public-docs.manifest.json`, `llms.txt`, search, and the per-page Markdown export before changing navigation. |
| A claim is not backed by code or tests | Remove the claim or add the missing code, example, schema, or validation command before publishing. |

HELM supports regional deployment profiles that automatically configure governance
policies, data residency, encryption standards, and ceremony requirements.

## Supported Regions

| Region | Profile | Compliance | Encryption | Ceremony |
|--------|---------|------------|------------|----------|
| US     | `us`    | SOC2, NIST-800-53 | AES-256-GCM | Standard (2s timelock) |
| EU     | `eu`    | GDPR, SOC2, ISO-27001 | AES-256-GCM | Strict (5s timelock, challenge/response) |
| RU     | `ru`    | GOST-R-34.10, 152-FZ | GOST-28147-89 | Standard (3s timelock) |
| CN     | `cn`    | GB/T-35273, CSL | SM4 | Standard (3s timelock) |

## Configuration

Set the `HELM_REGION` environment variable:

```bash
export HELM_REGION=eu
```

Or in `helm.yaml`:

```yaml
region: eu
```

## EU-Specific Requirements

- **GDPR**: PII handling set to strict mode. All personal data processing
  requires explicit consent, logged as TRUST_EVENT in the ProofGraph.
- **EU AI Act**: Annex III high-risk obligations are on the current
  2026-08-02 application trajectory. The EU profile emphasizes risk
  management evidence, immutable event logs, technical documentation,
  human oversight ceremonies, and operator-visible override paths.
- **Right to Erasure**: Supported via cryptographic key rotation. Data
  encrypted with tenant keys can be rendered inaccessible by revoking
  the key in the Trust Registry.
- **Data Residency**: All data stored in `eu-west-1`. Cross-region
  replication disabled by default.

## US State AI Watch

Colorado is no longer the lead compliance deadline for HCOM positioning. The
current SB24-205 requirements were moved to 2026-06-30 by SB25B-004, and a
March 2026 workgroup proposal would replace the law with an ADMT-focused
framework effective 2027-01-01 if enacted.

HELM should position Colorado as a monitored state profile: runtime receipts,
decision logs, human-review records, and adverse-action context can support
ADMT audit and recordkeeping, but public copy should not claim the proposed
ADMT framework is final law.

## Ceremony Differences

The EU profile requires challenge/response verification for all
approval ceremonies, adding an extra layer of human verification.
This means the operator must type a confirmation phrase (e.g., "DELETE")
in addition to the standard timelock and hold requirements.

## Custom Profiles

Create a custom profile in `config/profiles/`:

```yaml
profiles:
  custom:
    name: "Custom Region"
    ceremony:
      min_timelock_ms: 10000
      min_hold_ms: 5000
      require_challenge: true
      domain_separation: "helm:approval:v1:custom"
    data_residency: "custom-dc-1"
    compliance:
      - "CUSTOM-STANDARD"
    encryption: "AES-256-GCM"
```

## Diagram

```mermaid
flowchart TD
    subgraph Ingestion["1. Ingestion & Context Plane"]
        source["HELM Regional Compatibility"]
        s0["Supported Regions"]
        s1["Configuration"]
        s2["EU-Specific Requirements"]
        s3["US State AI Watch"]
        output["Reader outcome"]
    end

    %% Operational Flow Edges
    source --> s0
    s0 --> s1
    s1 --> s2
    s2 --> s3
    s3 --> output

    %% Premium Styling Rules
```