Code ParticleCODE PARTICLE
Podcast/How Kevin DiGilio Builds Compliance-First Software for Regulated Industries

How Kevin DiGilio Builds Compliance-First Software for Regulated Industries

Listen on Apple Podcasts

Episode Summary:

In this episode of Engineering Choices You Have to Defend, host Nicola Onassis sits down with Kevin DiGilio, President of KMD Technology. Kevin explains how compliance frameworks like ITAR, NIST, and DFARS don’t just guide documentation; they dictate core system architecture.

When regulations evolved, KMD faced a choice: layer compliance on top of existing software or refactor the entire platform. They chose the latter, embedding user classification, role-based permissions, encryption, and access control throughout the stack. Kevin shares the trade-offs between usability and security, explaining how granular permissions and clear data classification maintain operational efficiency while staying fully compliant.

The conversation also explores AI in regulated manufacturing environments. Kevin highlights how AI systems must inherit compliance rules, log every decision, and enforce strict data boundaries. Improper access or hallucinations aren’t minor—they can be catastrophic.

For founders and engineering leaders, Kevin emphasizes that compliance should shape architecture from the start. Delaying integration almost guarantees costly rewrites, while proactive planning ensures systems that are secure, auditable, and operationally smooth.

Key Takeaways:

  1. Compliance must be embedded into core architecture
  2. Role-based permissions balance usability and security
  3. Encryption and access control are essential at every layer
  4. AI must respect regulatory boundaries with full logging and citation tracking
  5. Delaying compliance leads to costly refactors

Connect with Kevin DiGilio:

  1. LinkedIn: https://www.linkedin.com/in/kevindigilio
  2. Company: https://kmdtechnology.com/

Listen Now & Subscribe:

Apple Podcasts, Spotify, Amazon Music, or wherever you get your podcasts.

"Engineering Choices You Have to Defend explores the real technical decisions behind regulated software, compliance, and AI integration, helping leaders build secure, auditable, and user-friendly systems."

More episodes

Defending an engineering choice of your own?

Let's talk it through — architecture, AI, compliance, or the trade-off keeping you up at night. 15+ years of production decisions, on your side.

Start a conversation