



Internet Engineering Task Force                               T. Adebayo
Internet-Draft                                                O. Apalowo
Intended status: Informational                             F. Makanjuola
Expires: 7 October 2026                                      Veridom Ltd
                                                            5 April 2026


  OMP Domain Profile: Clinical AI Decision Accountability Under Joint
Commission/CHAI Guidance, California SB 1120, and Emerging US State and
                   Federal Healthcare AI Obligations
                     draft-veridom-omp-clinical-00

Abstract

   This document defines a domain profile of the Operating Model
   Protocol (OMP) for AI systems deployed in clinical and healthcare
   decision contexts subject to qualified human reviewer requirements
   under the US Joint Commission and Coalition for Health AI (CHAI)
   Responsible Use Guide (September 2025), California Senate Bill 1120
   (SB 1120, effective January 1, 2025), New York Assembly Bill A9149
   (pending), and related US state and federal healthcare AI
   accountability obligations.

   The profile -- designated CareGuard -- specifies how OMP's
   deterministic routing invariant, Watchtower enforcement framework,
   and three-layer cryptographic integrity architecture satisfy the
   qualified human reviewer documentation requirements, clinical
   decision traceability obligations, and AI governance evidence
   standards applicable to healthcare AI deployments.  The profile
   addresses four clinical deployment categories: medical necessity
   determinations, clinical decision support, diagnostic AI assistance,
   and prior authorisation AI systems.

   The OMP core specification is defined in the Operating Model Protocol
   Internet-Draft (draft-veridom-omp).

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.






Adebayo, et al.          Expires 7 October 2026                 [Page 1]

Internet-Draft           OMP Clinical AI Profile              April 2026


   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 7 October 2026.

Copyright Notice

   Copyright (c) 2026 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   4
   3.  Clinical AI Regulatory Framework Analysis . . . . . . . . . .   5
     3.1.  Joint Commission / CHAI Responsible Use Guide . . . . . .   5
     3.2.  California SB 1120  . . . . . . . . . . . . . . . . . . .   5
     3.3.  New York AB A9149 . . . . . . . . . . . . . . . . . . . .   6
     3.4.  Federal Context: ONC and CMS  . . . . . . . . . . . . . .   6
     3.5.  EU AI Act Annex III Healthcare Category . . . . . . . . .   6
     3.6.  Convergent Requirements . . . . . . . . . . . . . . . . .   6
   4.  OMP CareGuard Profile . . . . . . . . . . . . . . . . . . . .   6
     4.1.  Routing States Under This Profile . . . . . . . . . . . .   6
     4.2.  Named Accountable Officer: The Qualified Human
           Reviewer  . . . . . . . . . . . . . . . . . . . . . . . .   7
     4.3.  Watchtower Definitions  . . . . . . . . . . . . . . . . .   8
       4.3.1.  WT-CLINICAL-01: Qualified Human Reviewer Gate . . . .   8
       4.3.2.  WT-CLINICAL-02: Patient Safety Override Gate  . . . .   8
       4.3.3.  WT-CLINICAL-03: Clinical Confidence Floor Gate  . . .   9
       4.3.4.  WT-CLINICAL-04: Training Distribution Limitation
               Gate  . . . . . . . . . . . . . . . . . . . . . . . .   9
       4.3.5.  WT-CLINICAL-05: Anomalous Output Pattern Gate . . . .   9
       4.3.6.  WT-CLINICAL-06: SB 1120 Adverse Determination Gate  .  10
     4.4.  Audit Trace Schema Extensions . . . . . . . . . . . . . .  10
   5.  Clinical Deployment Category Mapping  . . . . . . . . . . . .  11
   6.  The CareGuard Invariant . . . . . . . . . . . . . . . . . . .  12
   7.  Patient Safety Override Architecture  . . . . . . . . . . . .  12
   8.  Clinical Proof-Point as Regulatory Evidence . . . . . . . . .  13
   9.  Security Considerations . . . . . . . . . . . . . . . . . . .  13
   10. IANA Considerations . . . . . . . . . . . . . . . . . . . . .  14



Adebayo, et al.          Expires 7 October 2026                 [Page 2]

Internet-Draft           OMP Clinical AI Profile              April 2026


   11. References  . . . . . . . . . . . . . . . . . . . . . . . . .  14
     11.1.  Normative References . . . . . . . . . . . . . . . . . .  14
     11.2.  Informative References . . . . . . . . . . . . . . . . .  15
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  16

1.  Introduction

   AI systems are now embedded across the clinical pathway: in medical
   necessity determination, prior authorisation, clinical decision
   support, diagnostic imaging analysis, sepsis prediction, and
   medication management.  The pace of deployment has substantially
   outrun the development of regulatory frameworks that specify, with
   technical precision, what accountability evidence these systems must
   produce.

   Three instruments have begun to define that framework with sufficient
   precision to support technical specification:

   *  The Joint Commission and CHAI Responsible Use Guide for Healthcare
      AI (September 2025) establishes that healthcare organisations must
      document human oversight of consequential AI clinical decisions,
      maintain evidence that qualified human reviewers evaluated AI
      recommendations before acting on them, and demonstrate that AI
      systems used in clinical settings have governance structures with
      named accountability.

   *  California Senate Bill 1120 (effective January 1, 2025) requires
      health insurers and managed care plans to ensure that adverse
      determinations based on AI-generated medical necessity decisions
      are reviewed by a licensed physician or other qualified clinician
      before the determination is communicated to the patient or
      provider.  The reviewing clinician must document their review, and
      the insurer must retain that documentation.

   *  New York Assembly Bill A9149 (pending) proposes analogous
      requirements for health plans operating in New York, including
      mandatory disclosure to patients when AI was used in a coverage
      determination and mandatory human reviewer documentation.

   These instruments converge on a structural requirement that maps
   directly onto OMP [I-D.veridom-omp]: every AI-assisted clinical
   decision that produces a consequential outcome for a patient must be
   either reviewed by a named, qualified human reviewer before it is
   acted upon, or blocked from autonomous execution and escalated to
   qualified human review.






Adebayo, et al.          Expires 7 October 2026                 [Page 3]

Internet-Draft           OMP Clinical AI Profile              April 2026


   This document defines the CareGuard profile: the domain-specific
   instantiation of OMP for clinical AI accountability.  CareGuard
   denotes that each AI-assisted clinical decision is cryptographically
   marked against the operator's care accountability obligations,
   producing a tamper-evident record before the decision affects a
   patient.

   Related OMP domain profiles include the AI Liability Insurance
   profile [I-D.veridom-omp-aiins].  Audit Trace payloads are
   canonicalized per [RFC8785].  The OMP specification is also archived
   at [ZENODO-OMP].

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119] [RFC8174].

2.  Terminology

   This document uses the terminology defined in [I-D.veridom-omp].  In
   addition:

   *  Qualified Human Reviewer (QHR): The licensed clinician or
      credentialed healthcare professional designated to review AI
      recommendations before they are acted upon.  In OMP terms, the
      Named Accountable Officer for ASSISTED and ESCALATED interactions
      under this profile.

   *  Consequential Clinical Decision: An AI-assisted decision that, if
      acted upon without human review, would directly affect a patient's
      care pathway, coverage status, medication, diagnosis, or treatment
      recommendation.  All Consequential Clinical Decisions are subject
      to the CareGuard Invariant.

   *  Adverse Determination: A determination resulting in denial,
      limitation, or termination of coverage or benefits for a patient,
      as defined in California SB 1120 and analogous state statutes.  A
      subset of Consequential Clinical Decisions subject to the most
      stringent QHR documentation requirements.

   *  Patient Safety Override: An immediate, non-negotiable interruption
      of an AI-assisted clinical process triggered when the AI system's
      output creates an imminent patient safety risk, generating an
      ESCALATED routing outcome, a HARD_BLOCK, and an immediate alert to
      the Clinical Escalation Authority.







Adebayo, et al.          Expires 7 October 2026                 [Page 4]

Internet-Draft           OMP Clinical AI Profile              April 2026


   *  CareGuard Invariant: The two-property invariant defined in
      Section 6: every Consequential Clinical Decision either generates
      a sealed CareGuard Audit Trace documenting QHR review before the
      decision is acted upon, or is blocked until QHR review is
      completed and documented.

   *  Clinical Escalation Authority: The designated individual or team
      responsible for Patient Safety Override response.  Their response
      is documented in the CareGuard Audit Trace.

3.  Clinical AI Regulatory Framework Analysis

3.1.  Joint Commission / CHAI Responsible Use Guide

   The Joint Commission and CHAI Responsible Use Guide (September 2025)
   [CHAI-2025] requires: contemporaneous documentation that qualified
   clinical staff reviewed AI recommendations before acting on them;
   named accountability for AI clinical system governance; auditability
   of specific clinical decisions (what the AI recommended, whether a
   qualified reviewer assessed the recommendation, what the final
   outcome was); and documentation of failure mode handling when AI
   confidence is low or the training distribution does not cover the
   patient presentation.

   The contemporaneity requirement is the specific property OMP's sealed
   Audit Trace architecture satisfies.  A QHR attestation created after
   the fact is not contemporaneous evidence; an OMP CareGuard Audit
   Trace sealed with an RFC 3161 [RFC3161] Qualified Timestamp at the
   moment of QHR review is.

3.2.  California SB 1120

   California SB 1120 [CA-SB1120] (effective January 1, 2025) requires:
   a physician or other licensed healthcare professional with relevant
   clinical expertise must review AI-generated adverse medical necessity
   determinations before they are communicated to the patient or
   provider; the reviewing clinician must document independent clinical
   review; health plans must retain the AI recommendation, the
   reviewer's documentation, and the final determination; and health
   plans must disclose to enrollees when AI was used in a coverage
   determination resulting in a denial.










Adebayo, et al.          Expires 7 October 2026                 [Page 5]

Internet-Draft           OMP Clinical AI Profile              April 2026


3.3.  New York AB A9149

   New York AB A9149 [NY-A9149] (pending) proposes requirements
   substantively identical to California SB 1120 for health plans
   operating in New York, with additional provisions: patient
   notification in writing when AI was used in a coverage determination;
   patient right to request human review of any AI-assisted adverse
   determination; and New York DFS audit rights over health plan AI
   systems used in coverage determinations.  The CareGuard profile is
   designed to satisfy both instruments through a single evidence
   framework.

3.4.  Federal Context: ONC and CMS

   The CMS Interoperability and Prior Authorization Rule (CMS-0057-F
   [CMS-0057-F], effective January 2026) requires health plans subject
   to CMS oversight to automate prior authorisation processes and
   maintain documentation of prior authorisation decisions including AI-
   assisted decisions.  Section 5.4 addresses CMS-0057-F documentation
   requirements.

3.5.  EU AI Act Annex III Healthcare Category

   The EU AI Act Annex III includes AI systems used in medical or health
   services as high-risk AI systems subject to Article 12 logging
   requirements addressed in [I-D.veridom-omp-euaia].  The CareGuard
   profile is designed for use in conjunction with the EUAIA profile for
   healthcare AI deployments subject to both EU AI Act and US clinical
   accountability requirements.  Section 4.5 defines a compatibility
   field for joint deployments.

3.6.  Convergent Requirements

   The Joint Commission/CHAI guide, California SB 1120, and the pending
   New York legislation define a structure that maps precisely onto
   OMP's three routing states: AI clinical recommendations reviewed and
   approved by a QHR before being acted upon correspond to ASSISTED;
   recommendations triggering a Patient Safety Override or confidence
   failure correspond to ESCALATED; fully autonomous AI clinical
   decisions affecting patients are NOT PERMITTED under this profile for
   Consequential Clinical Decisions.

4.  OMP CareGuard Profile

4.1.  Routing States Under This Profile






Adebayo, et al.          Expires 7 October 2026                 [Page 6]

Internet-Draft           OMP Clinical AI Profile              April 2026


   *  AUTONOMOUS: NOT PERMITTED for Consequential Clinical Decisions.
      WT-CLINICAL-01 MUST be configured as a universal FORCE_ASSISTED
      trigger for all interactions classified as Consequential Clinical
      Decisions.  AUTONOMOUS routing is permitted only for
      administrative, scheduling, or non-clinical AI functions that do
      not directly affect a patient's care pathway, coverage, diagnosis,
      or treatment.  Operators MUST maintain a written classification of
      which interaction types are non-clinical (AUTONOMOUS eligible)
      versus Consequential Clinical Decisions (QHR mandatory), reviewed
      and approved annually by the operator's AI governance authority.

   *  ASSISTED: The standard routing state for all Consequential
      Clinical Decisions.  The AI generates a recommendation; the QHR
      reviews, exercises independent clinical judgment, and documents
      their review before the recommendation is acted upon.  The QHR's
      NPI, credential type, review timestamp, and clinical determination
      are sealed in the CareGuard Audit Trace.

   *  ESCALATED: Triggered by: Patient Safety Override (WT-CLINICAL-02),
      confidence failure below the clinical safety floor (WT-CLINICAL-
      03), known training distribution limitation for the patient
      presentation (WT-CLINICAL-04), or anomalous AI output pattern (WT-
      CLINICAL-05).  The AI recommendation MUST NOT be communicated to
      the patient or used in a clinical decision until the Clinical
      Escalation Authority has reviewed and documented a clinical
      disposition.

4.2.  Named Accountable Officer: The Qualified Human Reviewer

   The Named Accountable Officer under this profile is the Qualified
   Human Reviewer: the licensed clinician who reviews the AI
   recommendation before it is acted upon.  The QHR MUST hold the
   licensure required by applicable law for the type of clinical
   decision under review.  For California SB 1120, the QHR MUST be a
   physician or other licensed healthcare professional with relevant
   clinical expertise.

   Required fields in the QHR record:

   *  qhr_npi: National Provider Identifier (US) or equivalent national
      professional registration identifier.  MUST NOT be null for
      Consequential Clinical Decisions;

   *  qhr_credential_type: licensure category (e.g., "MD", "DO", "NP",
      "PA", "RN");






Adebayo, et al.          Expires 7 October 2026                 [Page 7]

Internet-Draft           OMP Clinical AI Profile              April 2026


   *  qhr_review_timestamp: ISO 8601 UTC timestamp of the QHR's review
      action -- the contemporaneity anchor for SB 1120 and Joint
      Commission/CHAI compliance;

   *  qhr_clinical_determination: one of APPROVED, MODIFIED, OVERRIDDEN,
      ESCALATED_TO_SPECIALIST;

   *  qhr_independent_basis: REQUIRED for MODIFIED and OVERRIDDEN;
      documents that the QHR exercised independent professional
      judgment, not merely ratified the AI recommendation.

4.3.  Watchtower Definitions

4.3.1.  WT-CLINICAL-01: Qualified Human Reviewer Gate

   *Trigger:* Any interaction classified as a Consequential Clinical
   Decision.

   *Action:* FORCE_ASSISTED.  Cannot be disabled for Consequential
   Clinical Decisions.

   *Rationale:* California SB 1120 and the Joint Commission/CHAI guide
   require documented human oversight of consequential AI clinical
   decisions.  This Watchtower gives these requirements structural
   enforcement: it is architecturally impossible for a Consequential
   Clinical Decision to proceed to patient impact without generating a
   QHR review record.

4.3.2.  WT-CLINICAL-02: Patient Safety Override Gate

   *Trigger:* AI output contains or implies a condition the operator's
   clinical safety detection framework identifies as creating an
   imminent patient safety risk (e.g., recommendation conflicting with a
   known allergy or contraindication; medical necessity denial for a
   condition flagged as urgent; diagnostic output inconsistent with
   vital signs indicating acute deterioration).

   *Action:* HARD_BLOCK immediately.  AI output MUST NOT be communicated
   to the patient, provider, or any downstream clinical process.
   Clinical Escalation Authority alerted immediately.

   *Rationale:* Patient safety is non-negotiable.  HARD_BLOCK ensures
   Patient Safety Override conditions interrupt the AI pipeline rather
   than merely flagging it, preventing the failure mode where an AI
   safety concern is communicated as a recommendation rather than an
   immediate interrupt.





Adebayo, et al.          Expires 7 October 2026                 [Page 8]

Internet-Draft           OMP Clinical AI Profile              April 2026


4.3.3.  WT-CLINICAL-03: Clinical Confidence Floor Gate

   *Trigger:* Composite Confidence Score falls below the operator's
   configured clinical safety floor.

   *Action:* FORCE_ESCALATED.  The AI recommendation MAY be provided to
   the Clinical Escalation Authority as context, clearly labelled as
   below the clinical confidence floor, but MUST NOT be acted upon as an
   AI recommendation.

   *Rationale:* A recommendation generated below the clinical confidence
   floor signals the AI system is operating outside its validated
   performance envelope.  The appropriate clinical response is
   independent human judgment, not review of an unreliable
   recommendation.

4.3.4.  WT-CLINICAL-04: Training Distribution Limitation Gate

   *Trigger:* Patient presentation matches a known training distribution
   limitation documented in the AI system's clinical validation records
   (e.g., demographic characteristics underrepresented in training data;
   clinical features identified as associated with reduced performance).

   *Action:* FORCE_ESCALATED.  CareGuard Audit Trace records the
   specific training limitation triggered.

   *Rationale:* Known training distribution limitations create a
   specific duty to escalate when those limitations are relevant to a
   patient presentation, consistent with the Joint Commission/CHAI
   requirement to document AI failure mode handling.

4.3.5.  WT-CLINICAL-05: Anomalous Output Pattern Gate

   *Trigger:* AI output deviates from expected operating parameters in
   ways suggesting model degradation, data drift, or adversarial input
   rather than a legitimate clinical edge case.

   *Action:* FORCE_ESCALATED plus system anomaly alert for review by the
   operator's AI governance authority.

   *Rationale:* AI clinical systems can degrade as patient population
   characteristics evolve away from the training distribution.
   Anomalous output detection provides early warning to prevent
   systematic patient harm from a degraded AI system operating at scale.







Adebayo, et al.          Expires 7 October 2026                 [Page 9]

Internet-Draft           OMP Clinical AI Profile              April 2026


4.3.6.  WT-CLINICAL-06: SB 1120 Adverse Determination Gate

   *Trigger:* For health insurer and managed care plan deployments
   subject to California SB 1120: AI output constitutes or implies an
   adverse determination.

   *Action:* FORCE_ESCALATED.  MUST be reviewed by a physician or other
   licensed healthcare professional with relevant clinical expertise
   before the adverse determination is communicated to the patient or
   provider.

   *Rationale:* California SB 1120 creates a specific, legally
   enforceable requirement for QHR review of AI-generated adverse
   determinations.  WT-CLINICAL-06 gives this requirement structural
   enforcement for the SB 1120 context, in addition to the general QHR
   Gate (WT-CLINICAL-01).

4.4.  Audit Trace Schema Extensions

   The following fields are REQUIRED under the CareGuard profile, in
   addition to core fields in [I-D.veridom-omp] Section 7:

   *  qhr_npi: string, REQUIRED for Consequential Clinical Decisions.
      National Provider Identifier (US) or equivalent national
      professional registration identifier.

   *  qhr_credential_type: string, REQUIRED.  RECOMMENDED values: "MD",
      "DO", "NP", "PA", "RN", "PharmD", "clinical_specialist".

   *  qhr_review_timestamp: string, ISO 8601 UTC, REQUIRED for ASSISTED
      and ESCALATED.  The contemporaneity anchor for SB 1120 and Joint
      Commission/CHAI compliance.

   *  qhr_clinical_determination: string, REQUIRED for ASSISTED and
      ESCALATED.  One of: APPROVED, MODIFIED, OVERRIDDEN,
      ESCALATED_TO_SPECIALIST.

   *  qhr_independent_basis: string, OPTIONAL for APPROVED; REQUIRED for
      MODIFIED and OVERRIDDEN.  Documents independent clinical judgment,
      not merely ratification of the AI recommendation.

   *  patient_safety_override: boolean, REQUIRED.  True if WT-
      CLINICAL-02 triggered a Patient Safety Override.

   *  clinical_confidence_floor_breached: boolean, REQUIRED.  True if
      WT-CLINICAL-03 triggered for this interaction.





Adebayo, et al.          Expires 7 October 2026                [Page 10]

Internet-Draft           OMP Clinical AI Profile              April 2026


   *  training_limitation_triggered: string, OPTIONAL.  Identifier of
      the specific training distribution limitation that triggered WT-
      CLINICAL-04, if applicable.

   *  deployment_category: string, REQUIRED.  One of:
      "medical_necessity", "clinical_decision_support",
      "diagnostic_assistance", "prior_authorisation", "administrative".

   *  sb1120_adverse_determination: boolean, REQUIRED for health insurer
      and managed care plan deployments in California.  True if WT-
      CLINICAL-06 triggered.

   *  euaia_joint_deployment: boolean, OPTIONAL.  True if this
      deployment is also subject to EU AI Act Article 12 requirements
      addressed in [I-D.veridom-omp-euaia].

   *  profile_version: string, REQUIRED.  MUST be "VERIDOM-CAREGUARD-
      v1.0".

5.  Clinical Deployment Category Mapping

   For medical necessity determinations: WT-CLINICAL-01 and WT-
   CLINICAL-06 MUST be active. deployment_category MUST be
   "medical_necessity".  For California deployments,
   sb1120_adverse_determination MUST be evaluated for every interaction.
   The QHR MUST hold the SB 1120-required credential.  Audit Traces MUST
   be retained for a minimum of three years from the determination date
   for California SB 1120 compliance.

   For clinical decision support: WT-CLINICAL-01 through WT-CLINICAL-05
   MUST be active. deployment_category MUST be
   "clinical_decision_support".  The QHR is the treating clinician who
   acts on the AI recommendation at the point of care; their NPI MUST be
   recorded.  WT-CLINICAL-04 MUST be configured with the training
   distribution limitations documented in the AI system's clinical
   validation records and FDA 510(k) clearance documentation where
   applicable.

   For diagnostic AI assistance: WT-CLINICAL-01 through WT-CLINICAL-05
   MUST be active.  WT-CLINICAL-02 is particularly critical: a
   diagnostic AI recommendation conflicting with clinical findings
   indicating acute deterioration MUST trigger HARD_BLOCK.
   deployment_category MUST be "diagnostic_assistance".  The QHR is the
   licensed clinician who interprets the AI output and issues the
   diagnostic report.






Adebayo, et al.          Expires 7 October 2026                [Page 11]

Internet-Draft           OMP Clinical AI Profile              April 2026


   For prior authorisation AI systems: WT-CLINICAL-01 and WT-CLINICAL-06
   MUST be active. deployment_category MUST be "prior_authorisation".
   For CMS-regulated health plans, CareGuard Audit Traces for prior
   authorisation decisions MUST be retained and producible for CMS audit
   within the timeframes specified by CMS-0057-F.  Audit Traces MUST
   record whether the prior authorisation request was subject to a
   required response timeline and whether QHR review was completed
   within that timeline.

6.  The CareGuard Invariant

   Implementations of this profile MUST satisfy the following two-
   property invariant:

   *  Property 1 (QHR review completeness): Every Consequential Clinical
      Decision MUST generate a sealed CareGuard Audit Trace documenting
      QHR review before the AI recommendation is acted upon,
      communicated to a patient or provider, or used in a coverage
      determination.  No Consequential Clinical Decision may affect a
      patient without a contemporaneous, sealed QHR review record.

   *  Property 2 (Immutable trail): The CareGuard Audit Trace MUST be
      sealed with the three-layer integrity architecture defined in
      [I-D.veridom-omp] Section 7.  Any modification to any historical
      Audit Trace record MUST be detectable by any third party --
      including a state regulator, CMS, the Joint Commission, or a court
      -- without access to the operator's or OMP implementer's
      infrastructure.

   An operator satisfying the CareGuard Invariant can demonstrate, for
   any Consequential Clinical Decision: the AI recommendation as
   generated; the QHR's identity (NPI), credential type, and review
   timestamp establishing contemporaneity for SB 1120 and Joint
   Commission/CHAI purposes; the QHR's clinical determination and
   independent basis where required; Watchtower evaluation results;
   whether a Patient Safety Override was triggered; and that the record
   has not been altered since sealing.

7.  Patient Safety Override Architecture

   When WT-CLINICAL-02 triggers a Patient Safety Override: (a) the AI
   system's output is immediately blocked -- no further processing of
   the AI recommendation occurs; (b) a Patient Safety Override Audit
   Trace is generated immediately with patient_safety_override set to
   true, the specific safety condition identified, and a UTC timestamp
   sealed with an RFC 3161 TimeStampToken; (c) the Clinical Escalation
   Authority is alerted immediately; (d) the Clinical Escalation
   Authority's response -- including the responding clinician's



Adebayo, et al.          Expires 7 October 2026                [Page 12]

Internet-Draft           OMP Clinical AI Profile              April 2026


   identity, response timestamp, and clinical disposition -- MUST be
   recorded in the CareGuard Audit Trace within the operator's
   configured maximum response time; (e) no further AI-assisted
   processing of this interaction MAY occur until the Clinical
   Escalation Authority has documented a clinical disposition.

   The Patient Safety Override architecture prevents the failure mode
   documented in published adverse event reports involving AI clinical
   systems: a patient safety concern detected by an AI system that was
   communicated as a recommendation rather than as an immediate
   interrupt, resulting in delayed clinical response.  OMP's HARD_BLOCK
   mechanism ensures Patient Safety Override conditions interrupt the AI
   pipeline, not merely flag it.

8.  Clinical Proof-Point as Regulatory Evidence

   The OMP Proof-Point artefact for a clinical deployment MUST include,
   for each Consequential Clinical Decision: the full CareGuard Audit
   Trace including the AI recommendation as generated; the QHR review
   record; the Watchtower evaluation log; chain integrity proof (SHA-256
   Merkle root and chain path); and the RFC 3161 TimeStampToken
   verification output from the OMP Reference Validator [OMP-OPEN-CORE],
   confirming the temporal anchor that establishes contemporaneity.

   This artefact is self-contained: a state insurance regulator, CMS
   auditor, Joint Commission reviewer, plaintiff's attorney, or expert
   witness can verify its integrity using only the OMP Reference
   Validator and the Timestamp Authority's public key material, without
   access to the operator's infrastructure.  For SB 1120 adverse
   determination appeals, the CareGuard Audit Trace provides:
   documentation of independent QHR review (SB 1120 requirement); RFC
   3161 timestamp proving contemporaneity; qhr_independent_basis
   documenting independent clinical judgment; and the three-layer
   integrity architecture proving the record has not been altered.

9.  Security Considerations

   The security considerations of [I-D.veridom-omp] apply in full.

   Patient data sensitivity: CareGuard Audit Traces will routinely
   contain or be associated with Protected Health Information (PHI)
   under HIPAA.  Operators MUST implement HIPAA-compliant safeguards for
   Audit Trace storage, access, and disclosure.








Adebayo, et al.          Expires 7 October 2026                [Page 13]

Internet-Draft           OMP Clinical AI Profile              April 2026


   QHR identity integrity: The qhr_npi field MUST reflect the NPI of the
   actual clinician who reviewed the AI recommendation.  Operators MUST
   implement technical controls to prevent NPI assignment without the
   clinician's authenticated action.  The review_timestamp MUST be set
   by the OMP pipeline at the time of the QHR's authenticated review
   action.

   Patient Safety Override integrity: The patient_safety_override field
   MUST be set by the OMP Watchtower framework, not by the operator's
   application layer.  Operators MUST NOT implement mechanisms allowing
   the patient_safety_override flag to be unset after being set by WT-
   CLINICAL-02.

   Confidence floor integrity: Changes to the clinical confidence floor
   MUST be treated as configuration changes requiring the same
   governance approval as clinical protocol changes, and MUST generate a
   WT-CLINICAL-05 anomaly record.

10.  IANA Considerations

   This document has no IANA actions.

11.  References

11.1.  Normative References

   [I-D.veridom-omp]
              Adebayo, T., Apalowo, O., and F. Makanjuola, "Operating
              Model Protocol (OMP): A Deterministic Decision-Enforcement
              Protocol with Externalized Proof-of-Integrity", Work in
              Progress, Internet-Draft, draft-veridom-omp-00, March
              2026, <https://datatracker.ietf.org/doc/html/draft-
              veridom-omp-00>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC3161]  Adams, C., Cain, P., Pinkas, D., and R. Zuccherato,
              "Internet X.509 Public Key Infrastructure Time-Stamp
              Protocol (TSP)", RFC 3161, August 2001,
              <https://www.rfc-editor.org/info/rfc3161>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, May 2017,
              <https://www.rfc-editor.org/info/rfc8174>.





Adebayo, et al.          Expires 7 October 2026                [Page 14]

Internet-Draft           OMP Clinical AI Profile              April 2026


   [RFC8785]  Rundgren, A., Jordan, B., and S. Erdtman, "JSON
              Canonicalization Scheme (JCS)", RFC 8785, June 2020,
              <https://www.rfc-editor.org/info/rfc8785>.

11.2.  Informative References

   [CA-SB1120]
              California Legislature, "Senate Bill 1120: Health care
              coverage: utilization review: artificial intelligence",
              2024.

   [CHAI-2025]
              Joint Commission and Coalition for Health AI (CHAI),
              "Responsible Use Guide for Healthcare AI", September 2025.

   [CMS-0057-F]
              Centers for Medicare and Medicaid Services, "CMS
              Interoperability and Prior Authorization Final Rule (CMS-
              0057-F)", January 2024.

   [I-D.veridom-omp-aiins]
              Adebayo, T., Apalowo, O., and F. Makanjuola, "OMP Domain
              Profile: AI Liability Insurance Underwriting and
              Parametric Claims Evidence", Work in Progress, Internet-
              Draft, draft-veridom-omp-aiins-00, April 2026,
              <https://datatracker.ietf.org/doc/html/draft-veridom-omp-
              aiins-00>.

   [I-D.veridom-omp-euaia]
              Adebayo, T., Apalowo, O., and F. Makanjuola, "OMP Domain
              Profile: EU AI Act Article 12 Logging and Traceability
              Requirements for High-Risk AI System Operators", Work in
              Progress, Internet-Draft, draft-veridom-omp-euaia-00,
              April 2026, <https://datatracker.ietf.org/doc/html/draft-
              veridom-omp-euaia-00>.

   [NY-A9149] New York State Assembly, "Assembly Bill A9149: Relates to
              health insurance coverage and artificial intelligence",
              2025.

   [OMP-OPEN-CORE]
              Veridom Ltd, "OMP Open Core: Reference Validator and
              Schema Library",  Apache 2.0,
              https://github.com/veridomltd/omp-open-core, 2026.

   [ZENODO-OMP]
              Adebayo, T., Apalowo, O., and F. Makanjuola, "OMP --
              Operating Model Protocol: A Deterministic Routing



Adebayo, et al.          Expires 7 October 2026                [Page 15]

Internet-Draft           OMP Clinical AI Profile              April 2026


              Invariant for Tamper-Evident AI Decision Accountability in
              Regulated Industries", Zenodo DOI 10.5281/zenodo.19140948,
              March 2026.

Authors' Addresses

   Tolulope Adebayo
   Veridom Ltd
   London
   United Kingdom
   Email: tolulope@veridom.io


   Oluropo Apalowo
   Veridom Ltd
   Awka
   Nigeria
   Email: ropo@veridom.io


   Festus Makanjuola
   Veridom Ltd
   Toronto
   Canada
   Email: festus@veridom.io


























Adebayo, et al.          Expires 7 October 2026                [Page 16]
