frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Ask HN: How do companies that use Cursor handle compliance?

6•Poomba•11h ago
I'm trying to decide whether to adopt Cursor for our company, but we're in a heavily regulated industry and our compliance team is flagging concerns about HIPAA/SOC2/audit trails.

The thing is, there are companies in regulated industries using it [1][2]. But Cursor has no HIPAA BAA, no FedRAMP certification, and is cloud-only with all requests routing through their AWS infrastructure. (This is probably true for Claude and other coding assistants, though I've only looked seriously at Cursor.)

So how are regulated companies actually making this work? Or do most just avoid Cursor and other AI coding tools altogether?

[1] 165 healthcare companies use Cursor according to Bloomberry: https://bloomberry.com/data/cursor/

[2] Cursor's customers include Sanofi, Johnson & Johnson, and Neuralink: https://cursor.com/customers

Comments

verdverm•11h ago
Copilot can be used in these situations, that's what most of our devs use. I suspect Claude Code is going to be evaluated in the near future. Personally, I have permission from the CTO to hook my custom agent up to the GCloud Vertex APIs because we know it all stays in Google, which is compliant across their portfolio. Microslop is too, which is why Copilot is available. All the frontier models are available as well between both Google and Microsoft, I have no need for OpenAI or xAI, so VertexAI has everything I personally want.
raw_anon_1111•10h ago
This has less to do with Cursor and more to do with standard processes. Day to day use, your developers development environment should not have access to any data that comes under HIPAA (the one compliance framework I’m familiar with)

If your developer machines don’t have access to regulated data, neither will Cursor. As far as I know none of those compliance frameworks have anything to do with your code, it’s about accessing data and how you promote your code to production

I’ve never used cursor. But Claude Code gives you the option of using AWS Bedrock hosted models - including Anthropomorphic. You can sign a BAA with AWS. Notice this is using Anthropic models through an AWS account - not directly from Anthropic.

Ask HN: I'm investing $100k in cool people with boring skills. Any leads?

5•surprisetalk•2h ago•2 comments

Watching an elderly relative trying to use the modern web

34•ColinWright•13h ago•17 comments

Ask HN: What happens after the AI bubble bursts?

37•101008•1d ago•38 comments

Ask HN: Why is my Claude experience so bad? What am I doing wrong?

73•moomoo11•4d ago•111 comments

Ask HN: Companies that advertise being a "best place to work", is it a red flag?

10•jrs235•19h ago•12 comments

Ask HN: How do companies that use Cursor handle compliance?

6•Poomba•11h ago•2 comments

Top non-ad google result for "polymarket" in Australia is a crypto scam

15•rtrgrd•1d ago•2 comments

Ask HN: Why is YouTube's recommendation system so bad?

13•mr-pink•19h ago•9 comments

Ask HN: Do global AGENTS.md with coding principles make sense?

4•endorphine•20h ago•2 comments

Ask HN: Are there examples of 3D printing data onto physical surfaces?

17•catapart•3d ago•33 comments

Ask HN: Are you using an agent orchestrator to write code?

40•gusmally•4d ago•61 comments

Ask HN: Ranking sliders on a personal blog?

12•incognito124•1d ago•1 comments

Ask HN: How's Business These Days for Fiverr Freelancers?

11•burnerToBetOut•13h ago•4 comments

Tell HN: Microsoft Edge self-destroys updating it in Debian based distros

6•usr1106•1d ago•1 comments

Ask HN: Did YouTube change how it handles uBlock?

22•tefloon69•4d ago•13 comments

What web businesses will continue to make money post AI?

15•surume•2d ago•29 comments

Ask HN: Info on the 1982 Apple 2 text game Abuse?

6•jmount•3d ago•2 comments

Ask HN: Share your vibe coded project

5•firefoxd•1d ago•8 comments

Ask HN: How do you audit LLM code in programming languages you don't know?

13•syx•4d ago•14 comments

Ask HN: LLMs helping you read papers and books

8•amelius•2d ago•4 comments

Ask HN: Want to move to use a "dumb" phone. How to make the switch?

11•absoluteunit1•2d ago•12 comments

Ask HN: Stripe is asking for bank statements to check financial health

9•kinj28•3d ago•8 comments

Ask HN: We're building a saving app for European savers and need GTM advice

6•AlePra00•4d ago•16 comments

Tadpole the Language for Scraping 0.2.0 – Complex Control Flow, Stealth and More

6•zachperkitny•20h ago•1 comments

Ask HN: What's the best realtime, local, TTS solution? Live call interpretation

6•Wright007•1d ago•1 comments

Ask HN: What explains the recent surge in LLM coding capabilities?

12•orange_puff•2d ago•8 comments

Ask HN: Better hardware means OpenAI, Anthropic, etc. are doomed in the future?

5•kart23•4d ago•10 comments

Ask HN: Exceptionally well-written research papers in CS/ML/AI?

5•b3rkus•3d ago•1 comments

Ask HN: Do sociotechnical pressures select for beneficial or harmful AI systems?

7•jerlendds•4d ago•3 comments

Ask HN: What happens when capability decouples from credentials?

11•falsework•4d ago•7 comments