HealthTech extension · v0.1 draft

What does your healthcare AI vendor actually disclose?

Clinical AI Disclosure is an open JSON specification that forces healthcare AI vendors to declare — in machine-readable form — exactly what their system does, what FDA / SaMD class it falls under, what evidence supports it, what HIPAA posture it carries, and how it integrates with the EHR. Built for hospital CMIOs, compliance officers, and procurement teams tired of reading 40-page vendor whitepapers.

  • Autonomy ⇔ device: autonomous clinical AI MUST be classified as a medical device — schema-enforced
  • Bias audit as first-class field — required for SaMD class II+ and autonomous decision support
  • Served at /.well-known/clinical-ai/<system_id>.json

Why a Clinical AI Card?

Today, hospital procurement teams read AI-vendor whitepapers, HIPAA attestations, and (when applicable) FDA 510(k) summaries as PDFs. A Clinical AI Card is the same content in a format an EHR app gallery, an automated procurement tool, or a compliance auditor can read in milliseconds. The fields map directly to controls in CMS Conditions of Participation, 21st Century Cures Act information-blocking provisions, and HIPAA security-rule audits.

Regulatory posture, machine-readable

FDA status (510k_cleared / de_novo / pma / enforcement_discretion / research_use_only), clearance number + URI, ISO certifications, SaMD class + classification rationale, regional authorizations.

Clinical role, declared

decision_support_level (informational / advisory / autonomous), clinician-override-required, patient-facing, transparency-to-patient, pre-authorization use.

Evidence as a procurement asset

Validation studies with population size + peer-review status, training data sources, sensitivity / specificity / AUC with measurement population, and the bias-audit URI — required for SaMD class II+.

HIPAA / patient-data posture

PHI processed flag gates explicit HIPAA + BAA posture. De-identification method, retention days, patient consent, third-party sharing, model-training consent — all declared at the field level.

Safety + mandated reporting

Human-in-loop categories, escalation protocols, mandatory reporting (adverse drug events, abuse, suicide risk, infectious disease), and diagnostic-claim blocking for non-FDA-cleared systems.

EHR integration, declared

FHIR version (R4 / R5), SMART-on-FHIR support, CDS Hooks support, supported EHR vendors (Epic / Cerner / Athena / MEDITECH / Allscripts / eClinicalWorks).

The eight required sections

  1. System — id, name, version, provider, description
  2. Clinical context — indication, care setting, patient population, intended use, off-label-uses-prohibited
  3. Regulatory — FDA status, clearance number + URI, ISO certifications, SaMD class
  4. Clinical role — decision-support level, clinician override, patient-facing flag, transparency
  5. Evidence — validation studies, training-data sources, bias audit URI, performance metrics
  6. Patient data — PHI processed, HIPAA, BAA, retention, consent, third-party sharing
  7. Safety — human-in-loop categories, escalation, mandatory reporting, diagnostic-claim blocking
  8. EHR integration (optional) — FHIR version, SMART on FHIR, CDS Hooks, EHR vendors supported

Plus optional sections for the underlying agent_card_uri back-reference, independent evaluations[], and an audit block (audit log URI, incident response, AI Incident Card index). The full schema is published as a JSON Schema draft 2020-12 document with seven conditional rules baked in — including the headline autonomy ⇔ medical-device rule.

A canonical example: sepsis early warning

A 510(k)-cleared SaMD class II early-warning system. EHR-integrated, clinician-override-required, multi-site validated, bias-audited. The same document is served at /.well-known/clinical-ai/kineticgain-sepsis-ews.json for automated discovery.

{
  "clinical_ai_card_version": "0.1",
  "system": {
    "id": "kineticgain-sepsis-ews",
    "name": "Kinetic Gain Sepsis Early Warning System",
    "version": "2.3.1",
    "provider": "Kinetic Gain Health"
  },
  "clinical_context": {
    "indication": "Early detection of adult inpatient sepsis...",
    "care_settings": ["inpatient", "icu"],
    "patient_population": { "age_range_min": 18, "age_range_max": 89 },
    "intended_use": "Clinical decision support for adult inpatient providers...",
    "off_label_uses_prohibited": true
  },
  "regulatory": {
    "fda_status": "510k_cleared",
    "fda_clearance_number": "K233456",
    "fda_clearance_uri": "https://www.accessdata.fda.gov/.../K233456",
    "iso_certifications": ["ISO 13485", "IEC 62304", "ISO 14971"],
    "is_medical_device": true,
    "is_clinical_decision_support": true,
    "is_software_as_medical_device": true,
    "samd_class": "II",
    "samd_classification_rationale": "Serious situation, drive clinical management → Class II"
  },
  "clinical_role": {
    "decision_support_level": "advisory",
    "clinician_override_required": true,
    "patient_facing_only": false,
    "transparency_to_patient_required": true
  },
  "evidence": {
    "validation_studies": [/* multi-site prospective N=48,217 */],
    "bias_audit_uri": "https://health.kineticgain.com/audits/sepsis-ews-bias.pdf",
    "performance_metrics": {
      "sensitivity": 0.84, "specificity": 0.78, "auc": 0.89,
      "measurement_population": "Adult inpatient at 4 US academic centers, 2024-2025"
    }
  },
  "patient_data": {
    "phi_processed": true, "hipaa_compliant": true, "baa_required": true,
    "retention_days": 365, "third_party_data_sharing": false
  },
  "safety": {
    "human_in_loop_required_for": ["pediatric-routed", "obstetric-patient", "comfort-care-only"],
    "mandatory_reporting_categories": ["adverse-drug-event-related-to-acted-on-alert"]
  },
  "ehr_integration": {
    "fhir_version": "R4",
    "supports_smart_on_fhir": true,
    "supports_cds_hooks": true,
    "ehr_vendors_supported": ["Epic", "Cerner", "MEDITECH"]
  }
}
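
A procurement-side check of three conditional rules stated in the prose above (autonomous implies medical device, bias audit for SaMD class II+ or autonomous systems, PHI gating the HIPAA and BAA declarations), as an added example that is not the project's published schema or tooling. Field names are taken from the example card; the function names, the I to IV class ordering, and the reading of "gates" as "must be declared as booleans" are assumptions.

```python
import copy

# Assumed ordering of SaMD classes, used for the "class II+" comparison.
SAMD_ORDER = {"I": 1, "II": 2, "III": 3, "IV": 4}

# Constructed sample: a trimmed copy of the sepsis example card on this page.
SAMPLE_CARD = {
    "regulatory": {"fda_status": "510k_cleared", "is_medical_device": True, "samd_class": "II"},
    "clinical_role": {"decision_support_level": "advisory", "clinician_override_required": True},
    "evidence": {"bias_audit_uri": "https://health.kineticgain.com/audits/sepsis-ews-bias.pdf"},
    "patient_data": {"phi_processed": True, "hipaa_compliant": True, "baa_required": True},
}


def check_card(card):
    """Return a list of rule violations; an empty list means the card passes."""
    problems = []
    reg = card.get("regulatory", {})
    role = card.get("clinical_role", {})
    evidence = card.get("evidence", {})
    pdata = card.get("patient_data", {})
    autonomous = role.get("decision_support_level") == "autonomous"

    # Rule 1: autonomous clinical AI must be classified as a medical device.
    if autonomous and reg.get("is_medical_device") is not True:
        problems.append("autonomy: autonomous system not declared as a medical device")

    # Rule 2: bias audit required for SaMD class II+ and for autonomous systems.
    samd_class = reg.get("samd_class")
    rank = SAMD_ORDER.get(samd_class, 0) if isinstance(samd_class, str) else 0
    if samd_class is not None and rank == 0:
        problems.append(f"regulatory: unrecognised samd_class {samd_class!r}")
    if (autonomous or rank >= 2) and not evidence.get("bias_audit_uri"):
        problems.append("evidence: bias_audit_uri missing")

    # Rule 3: phi_processed=true requires explicit HIPAA and BAA declarations.
    for field in ("hipaa_compliant", "baa_required"):
        if pdata.get("phi_processed") is True and not isinstance(pdata.get(field), bool):
            problems.append(f"patient_data: {field} not declared")
    return problems


def variant(card, section, field, value=None):
    """Copy of card with one field replaced, or removed when value is None."""
    out = copy.deepcopy(card)
    if value is None:
        out[section].pop(field, None)
    else:
        out[section][field] = value
    return out
```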

About the Kinetic Gain Protocol Suite

Clinical AI Disclosure is the HealthTech vertical extension to a family of ten open JSON specifications built for the answer-engine and agent era. Five core specs (AEO Protocol, Prompt Provenance, Agent Cards, AI Evidence Format, MCP Tool Cards) plus an EdTech trio and the cross-cutting AI Incident Card.

A single Clinical AI Card cross-references the underlying Agent Card, AI Evidence documents for each validation study, and the AI Incident Card index. A CMIO pulls one card and chains through to every related disclosure in one document-graph walk. No procurement-team PDF marathon.

All specs are AGPL-3.0 for normative text, with unrestricted implementation freedom. Built by Miz Causevic.