Proof, explained.
Guides on making clinical AI, medical devices, and record access verifiable, without exposing patient data.
Practical, honestly-sourced writing for the people accountable when AI acts inside care: how to prove a clinical-AI decision, what FDA §524B and HIPAA actually require, and how to make a device quantum-safe. Every claim checkable, every stat attributed.
Prove the
decision.
The unprovable AI decision is a new class of risk. These guides explain the receipt every clinical-AI decision needs, and how it stays non-device.
FDA and HIPAA,
made verifiable.
What §524B, the CDS non-device line, and HIPAA §164.312(b)/§164.528 actually require, and the evidence that supports them, honestly framed.
Secure into
the quantum age.
Why implants and records outlive their cryptography, and how post-quantum identity with in-field rotation keeps a decade of evidence defensible.
Read.
Long-form, cited, and written for a security committee. Start here.
Prove it in
your environment.
When you are ready, bring a decision, an access flow, or a device, and verify the evidence yourself.
Guides for proving the medicine.
Every guide is honestly sourced, cites its statistics to the original, and holds the same line the product does: attests but never decides, PHI-free, supports compliance rather than claiming to make you compliant.
What clinical-AI decision provenance is, and why every AI decision needs a receipt
When an AI decision reaches a patient and is later questioned, no one can prove what happened. Here is the receipt layer that changes that.
Read → Compliance · 12 minFDA Section 524B, explained: what "reasonable assurance of cybersecurity" actually requires
A plain guide to the three §524B obligations, the June 2025 final guidance, and the evidence an FDA submission actually needs.
Read → HIPAA · 11 minIs a clinical-AI audit trail HIPAA-compliant? Audit controls and accounting of disclosures
How a tamper-evident, PHI-free audit trail supports HIPAA §164.312(b) and §164.528, and why ordinary logs fail the test.
Read →What we write about
Clinical-AI decision provenance, FDA §524B and the CDS non-device line, HIPAA audit controls and accounting of disclosures, AIBOM for clinical AI, EU AI Act obligations, the NIST AI RMF, and post-quantum security for implants and long-retention records. If a claim cannot be checked or a statistic cannot be attributed, it does not appear.
Proof for every clinical decision.
Bring a decision, an access flow, or a device, and verify the evidence yourself.