The AI reasons; the physician decides.
Every output passes through a must-review-before-final gate. Clinicians review and sign every artifact before it becomes part of the chart. AB 489 compliance is the substrate, not a footnote.
ChironAI is built for the regulatory realities of healthcare. The pages below document the frameworks we comply with, the controls we operate, the data we never touch, and the disclosures we are deliberate about. Designed to be the one URL a procurement officer can send to their CISO with confidence.
Every Trust Center page is print-friendly. Procurement teams routinely attach these documents to RFP responses.
Regulatory frameworks ChironAI is engineered around — California AB 489 (AI as decision-support, not clinician), SB 1120 (physician decision authority), AB 3030 (generative AI disclosure), AB 375 CCPA/CPRA Automated Decision-Making Technology, HIPAA-aligned controls, GDPR and UK GDPR posture.
Encryption, audit chain, access control
256-bit encryption at rest and in transit. Tamper-evident HMAC + previous-hash audit chain. SHA-256 document signature integrity. Fine-grained clinical RBAC. Multi-tenant isolation enforced by tenant ID guards. MFA on staff accounts. SOC 2 audit-ready controls; formal audit pathway evaluation underway.
No customer data in training, by construction
Eve-Genesis (Clinical Edition) is 100% synthetic by construction. No customer data, no patient data, and no protected health information enters our training pipeline — ever, by architectural property. Data residency commitments by region. Retention policies per data class. BAA available for institutional customers.
FDA SaMD posture, audit status, jurisdictional
Where we are deliberately silent or not yet certified — honest framing rather than overclaim. FDA SaMD pathway evaluation, SOC 2 and ISO 27001 current status, audit firm relationships, jurisdictional disclosures across the operating regions.
Eve-Genesis (Clinical Edition), our proprietary training corpus, is 100% synthetic. The architecture cannot leak what is not present. This is an architectural property, not a policy promise.
Tamper-evident HMAC + previous-hash audit chain on every clinical action. SHA-256 signature integrity on every signed document. Versioned, traceable, reviewable end to end.
Free-form interfaces are incompatible with the auditability requirements of regulated industries. ChironAI is structured-workflow by design — evidence presented openly, reasoning visible at every step, confidence calibrated, every source cited.
You cannot train bias out of a model; you can only separate the reasoning from the knowledge from the jurisdiction, so the bias becomes something you can read, audit, and govern.
Algorithmic bias in clinical decision support is not hypothetical — risk scores that under-serve the patients who need care most are among the best-documented failures in health AI. It happens because a single model learns the inequities of the historical record in the same weights that carry its competence; you cannot scrub one without disturbing the other. ChironAI does not try. It separates the three things a single model fuses.
The reasoning is trained on logic, not on outcomes. The clinical reasoner learns the modes of diagnosis — abductive, analogical — from the structure of inference itself, on Eve-Genesis (Clinical Edition) synthetic data. It is never shown a record of who historically received which care, so there is no demographic distribution to inherit.
The knowledge is rented and bounded. Frontier models are consulted for narrow sub-questions — a drug interaction, a guideline lookup — inside a fence the reasoner draws. They answer; they never frame the case.
The standard of care is written down. The guideline in force in this health system, this region, this population is carried as a plain-language instruction, not baked into a model. A clinician can read it, challenge it, and change it for the next care setting without retraining anything — and when a result is wrong, point to the layer that produced it. The assumption is a sentence, not a secret.
Reach our security and compliance team directly. We respond to procurement and security-due-diligence inquiries within two business days.