Private AI for the Workloads Public APIs Cannot Touch

Private AI means the model, the retrieval index, the prompts, the responses, and the inference traffic all live inside a boundary the buyer can audit. In practice that means open-weight models running on the Petronella private cluster in Raleigh, NC, or on hardware the client owns and we operate. No prompts leave the boundary, no training data leaks into a third-party model, and the audit log shows the full prompt-response history with model-version pinning. The opposite of private AI is using a public AI API where the vendor stores prompts, retrains on them, or applies model updates without notice.

Both, depending on what the use case actually needs. Most regulated buyers end up with a hybrid stack: off-the-shelf SaaS for commodity tasks (meeting summaries, draft assistance, public-content chatbots) and custom-built capability for the workloads where data class, integration depth, latency, cost, or audit posture rules the SaaS path out. The build-vs-buy framework on our AI services catalogue page lays out the eight dimensions we score every candidate workload against.

Yes. We sign a BAA before any PHI changes hands. HIPAA-covered AI workloads run inside our private cluster in Raleigh, NC, with audit logging, scoped access, encryption in transit and at rest, and review by our compliance team. We do not run HIPAA-covered workloads on public AI APIs at any stage of the engagement.

Yes, all three. CMMC L1 prototypes and production workloads run inside basic safeguards aligned to FAR 52.204-21. CMMC L2 work runs inside an enclave aligned to NIST SP 800-171. CMMC L3 work operates against the higher bar set by NIST SP 800-172. Petronella is CMMC-AB Registered Provider Organization #1449, verified at cyberab.org. The whole team is CMMC-RP. We sign a CMMC-aligned engagement letter before any controlled unclassified information enters the project boundary.

Open-weight models from the leading research labs and university consortia, selected per use case for the tradeoff between capability, latency, cost, and hardware fit. We deploy general-purpose reasoning models, code-specialized models, vision-language models for document workflows, speech-to-text and text-to-speech models for voice agent workloads, and embedding models for retrieval pipelines. Specific model choices vary by engagement; we publish a recommendation in the Stage-01 Discover deliverable so the client signs off on the model class before any prototype work begins.

Engagements are scoped from a discovery call. Cost depends on data state, integration complexity, regulatory frame, infrastructure path, and the specific service category. Petronella does not publish a fixed price for custom engagements because the cost surfaces and the risk surfaces are different for every regulated buyer. We do publish productized starter packages on our consumer-facing surfaces for buyers who want a fixed-scope entry point. Contact a Petronella AI engineer to scope your engagement.

For well-defined use cases, the typical path from discovery call to a working prototype on the Petronella private cluster runs three to six weeks. The first week is the Discover stage: workflow inventory, data-class classification, integration map, regulatory frame. Weeks two through six are Architect: prototype build on representative data, integrated to upstream and downstream systems, exercised at realistic load. The buyer receives a written go or no-go at the end of Architect before any production deployment work begins.

Raleigh, North Carolina. Hardware sourced through the NVIDIA Elite Partner Channel. Built on the NVIDIA reference architecture for enterprise inference. We can also operate dedicated hardware that the client owns at the client's site or in a colocation facility the client specifies, where data residency or contract-clause requirements dictate. Petronella's headquarters is at 5540 Centerview Dr., Suite 200, Raleigh, NC 27606.

Yes. While our office and private AI cluster are in Raleigh, we serve clients throughout the Research Triangle (Durham, Chapel Hill, Cary, RTP) and across North Carolina (Charlotte, Greensboro, Wilmington, Asheville, Winston-Salem), and we engage with regulated organizations nationally, particularly in healthcare, defense, finance, engineering, and legal. The discovery call works the same way regardless of geography; site visits to the Raleigh facility are available for buyers who want to see the infrastructure before committing.

Yes. Training and enablement is one of the seven service lines in the catalogue, and we routinely fold AI-team training into a build engagement so that the in-house team can take over operations after Stage 03. The training curriculum covers prompt design, retrieval pipeline maintenance, evaluation harness operation, model-version change-control, and the audit log review process. We also publish executive-level briefings for the leadership team that owns the AI program politically.

This pillar (/ai/) is the top-level AI hub: who we are, what categories we ship, the trust band, the methodology, the industry coverage. The AI Services Catalogue page goes deeper on the seven service lines themselves with the build-vs-buy framework, the integration consulting playbook, the automation consulting model, and the hiring-vs-partnering analysis. Most buyers read this pillar first to understand the practice, then read the services catalogue to pick the specific entry lane.

Three honest differences. First, we are a regulated-vertical practice: HIPAA, CMMC L1 / L2 / L3, NIST 800-171 / 800-172, GLBA, ITAR, attorney-client privilege, and contract-clause data residency are first-class constraints, not exceptions we handle case-by-case. Second, we operate the private AI infrastructure ourselves rather than reselling someone else's cloud capacity. Third, we run the full lifecycle in-house (strategy, prototype, integration, custom development, infrastructure, operations) rather than handing off between vendors. Most national AI consulting firms do one or two of those well. Very few do all three for regulated buyers in the same engagement.