Continuous Monitoring
Beta

Sentinel

Sentinel watches the regulatory landscape, compares incoming changes against your workspace's surface area, and surfaces actionable drift. It's the continuous monitoring layer built on top of Rote's baseline analysis.

Request Sentinel beta access How it works
Why This Matters

Most compliance programs
are permanently behind.

Point-in-time analysis tells you where you stand at the moment of analysis. That's useful: you need to know your current gaps before you can address them. But regulations don't freeze after your last audit.

When HHS releases new OCR guidance, when a final rule drops in the Federal Register, when CMS updates program requirements — the typical compliance program learns about it from a newsletter, a colleague, or an auditor. By then, the gap has existed for weeks or months.

The structural problem is that most compliance tools only do point-in-time analysis, so reactive is all they can be. Rote treats the baseline as the foundation, not the finish line. Sentinel is what comes next: continuous monitoring that uses your baseline posture to filter signal from noise and surface changes that actually matter to your specific regulatory surface area.

How It Works

Regulation fetch, surface area mapping,
change detection, remediation.

Sentinel runs as an agentic workflow orchestrated with LangGraph. Each step builds on the previous one, and the whole thing is grounded in the baseline analysis already in your workspace.

01 — Fetch
Regulatory source monitoring

Sentinel fetches from configured regulatory sources on a recurring schedule: HHS OCR, Federal Register notices for relevant CFR parts, CMS program guidance, and others as coverage expands. New content is parsed and staged for comparison.

02 — Map
Surface area scoping

Each Rote workspace has a regulatory surface area defined by the frameworks, controls, and documents already in the baseline analysis. Sentinel uses this to scope which regulatory changes are relevant to your workspace and which are not.

03 — Detect
Change detection with confidence scoring

Fetched content is compared against your workspace's surface area using multi-provider LLM routing (LiteLLM) for the analysis. Changes are scored for relevance and confidence, so you see what matters without noise.

04 — Surface
Remediation recommendations

Identified drift surfaces in your workspace with specific remediation recommendations grounded in the baseline analysis already present. The recommendations reference your actual documents, not generic compliance templates.

Architecture
  • OrchestrationLangGraph manages the agentic workflow: fetch, parse, compare, score, surface. Each step is a node in the graph with defined inputs, outputs, and fallback handling.
  • LLM RoutingLiteLLM routes analysis tasks to the optimal provider for each step — balancing cost and accuracy per task type, not a single model for everything.
  • Workspace RAGWorkspace-isolated Qdrant RAG means Sentinel's comparison is grounded in your documents, not generic regulatory summaries. The baseline embeddings are what make the change detection specific to your posture.
  • Baseline DependencySentinel depends on your baseline analysis being current. The more thorough the baseline — gap analysis, framework mapping, control assessment — the more specific and actionable the monitoring output.
FAQ

Questions about Sentinel

How often does Sentinel fetch regulations?

Sentinel runs on a configurable recurring schedule. During beta, fetch cadences are set in coordination with Dan at workspace provisioning. The exact schedule depends on your regulatory sources and how much change velocity you need to track.

What regulations does Sentinel cover today?

During beta, Sentinel is focused on HIPAA-related regulatory sources: HHS OCR guidance, Federal Register notices affecting 45 CFR Parts 160 and 164, and CMS program updates relevant to healthcare technology. Coverage expands based on beta partner feedback.

What is the path to GA?

Sentinel is in active development. The beta period focuses on validating the surface-area mapping and change-detection logic with real workspaces. GA timing depends on beta feedback and stability. Beta users will have input into the GA feature set.

Can I see the Sentinel codebase?

The Sentinel orchestration logic is part of the Rote platform codebase at github.com/Dangsllc/compliance_platform. The core compliance skills it depends on are open source at github.com/Rote-Compliance under Apache 2.0.

How does Sentinel use the baseline workflows?

Sentinel's change detection is grounded in the baseline analysis already in your workspace. When it identifies a regulatory change, it compares that change against the frameworks, controls, and coverage gaps already mapped by the baseline workflows — which is what makes the remediation recommendations specific to your posture, not generic guidance.

Do I need to have the baseline workflows complete before using Sentinel?

You need some baseline analysis in your workspace for Sentinel's recommendations to be meaningful. Sentinel can detect changes without a baseline, but the remediation recommendations become much more specific and actionable when there's a HIPAA gap analysis, framework mapping, and control assessment to draw from.

Beta Access

Request Sentinel
beta access

Sentinel beta is open to Rote users with active workspaces. Use the trial form and check the Sentinel beta box — I'll flag your workspace and reach out when it's ready.

Request access Ask a question first