AI agents in healthcare access PHI, recommend treatments, and make clinical decisions. Project AIR provides the cryptographic proof that every access was authorized, every decision was logged, and every action can be audited.
Capabilities
Every patient record access by an AI agent is captured as a signed intent capsule with BLAKE3 chain hashing and Ed25519 signatures. No PHI touches go unrecorded.
Audit controls required by the HIPAA Security Rule are satisfied through tamper-evident forensic chains. Each record is cryptographically linked to the previous one.
45 CFR 164.312(c) integrity requirements are met by the signed chain architecture. Any modification to any record is detectable at the byte level.
16 OWASP-mapped detectors run locally with zero data exfiltration. Prompt injection, data leakage, privilege escalation, and tool misuse are flagged in real time.
Auth0-verified containment (Layer 3) ensures sensitive clinical actions require human approval via JWT-verified step-up authentication. Deny rules override step-up rules.
Generate HIPAA evidence reports, EU AI Act Article 72 reports, and NIST AI RMF assessments directly from your signed forensic chain.
Every ADT, ORM, ORU, MDM message your clinical AI agent handles is parsed and recorded as a signed capsule. PHI is redacted by default to minimize exposure; BAA required for all clinical deployments.
HL7v2 segments are mapped to FHIR R4 resources (Patient, Observation, ServiceRequest, DiagnosticReport) using the HL7-published spec models. Auditors see structured clinical data with proper coding system attribution.
Quick Start
Every call generates a signed, tamper-evident record. Run air demo --healthcare to see it in action.
FAQ
The only data that leaves your network is a BLAKE3 hash (32 bytes) submitted to Sigstore Rekor for timestamping. No PHI, no clinical content, no patient identifiers, no message payloads. The hash is a one-way cryptographic commitment that proves the chain existed at a point in time.