A short path from vendor review to buying decision: current security posture, data boundaries, DPA, sample artifacts, commercial entry path, and the limits Moirai will not overclaim.
Failure mode
A serious buyer should not need a founder to manually assemble every trust claim. If security, DPA, sample outputs, and verifier links are scattered, the deal feels less mature than the product.
Score, evidence gaps, RANZCR mapping, tool-level risk, and a 30/90 day action plan.
Owner, use case, regulatory status, current risk, incidents, evidence state, and next review.
Hash-based proof link for report and decision-pack integrity without opening the private workspace.
The right procurement surface reduces perceived vendor risk without pretending Moirai has certifications it has not earned yet. It gives the buyer enough evidence to move to a paid Gap Assessment or disqualify quickly.
The trust room states data residency, encryption, sub-processors, incident response, PHI boundaries, and certification limits in buyer language.
The sample pack shows the PDF, register export, source-review record, and verifier path so procurement can judge substance early.
DPA, privacy policy, terms, trust room, sample pack, and markdown brief are linked from one procurement packet.
Review data residency, sub-processors, security controls, and current certification limits.
Open the DPA, privacy policy, terms, and public verifier before involving legal.
Inspect the sample Gap Analysis and register export before asking for a custom deck.
Confirm whether the paid Gap Assessment is the correct entry product for the practice.