TruthNexus
Compliance Certification · Cross-domain

AI compliance certification as a single API call

Clinical AI vendors face five overlapping regulatory frameworks — FDA CDS Guidance, EU AI Act Article 13, ONC HTI-1, CMS-0057-F, and HIPAA. Skippy Certify evaluates any AI-generated clinical output against all five and issues a structured compliance certificate with gap analysis and remediation steps.

How It Works
01 Submit

POST your AI output text, the sources cited, and the reasoning chain your system used.

02 Evaluate

Skippy Certify checks each regulatory requirement: source traceability, confidence calibration, audit trail completeness, human oversight triggers.

03 Certificate

Receive a structured compliance certificate: pass/fail per framework, gap analysis, specific remediation steps, and an immutable audit record.

Failure Modes

What a non-compliant output actually looks like

Two real failure modes Certify flags before they reach a patient, a payer, or an auditor.

DDI summary citing a retracted paper
Without Certify

An AI summarises a warfarin–amiodarone interaction citing PMID 31234567. That paper was retracted in 2024 for fabricated pharmacokinetic data. The model has no way to know — it was trained before the retraction notice. The recommendation ships unchecked.

With Certify

Certify checks each cited PMID against retraction registries at assessment time. The retracted identifier is flagged. The certificate returns NON_COMPLIANT under FDA CDS Guidance and EU AI Act Article 13, with the retracted PMID listed and remediation steps included.

Check fired: no_retracted_citations

Prior-auth denial with no specific rationale
Without Certify

An AI-assisted payer system issues: “Request denied: not medically necessary.” No drug name, no diagnosis code, no clinical criterion cited. The patient's care team cannot appeal effectively. Under CMS-0057-F, this is a compliance violation.

With Certify

The specific_rationale check evaluates the reasoning chain for clinical specificity. Generic-only language — no drug name, dose, ICD code, or named criterion — triggers NON_COMPLIANT under CMS-0057-F, with exact remediation listing which clinical parameters are absent.

Check fired: specific_rationale

Five Frameworks. One Certificate.

Every regulatory requirement, checked automatically

FDA CDS Guidance

Enforcing
January 2026

Expose reasoning chain and data sources to enable independent clinician review. AI that cannot show its evidence chain loses enforcement discretion and risks Class II device classification.

EU AI Act — Article 13

Enforcing
August 2026

Calibrated confidence, auditable decisions, and technical documentation of knowledge base. Non-compliance: up to 3% of global annual revenue.

ONC HTI-1

Active

Performance documentation for predictive decision support tools in ONC-certified EHRs. Undocumented AI in a certified EHR risks CHPL decertification.

CMS-0057-F

Active
January 2027

Specific, actionable clinical rationale for every PA denial — traceable to named, versioned criteria. AI-driven PA decisions must meet this standard.

HIPAA §164.312(b)

Active

Audit controls documenting all activity on clinical AI systems accessing PHI. Immutable logs of who queried what and when.

Regulatory Artifact Packs

Pre-assembled compliance documentation. Not templates — evidence.

Enterprise customers receive three production-ready artifact packs grounded in Skippy's gate run results, ECE benchmark methodology, retraction monitoring SLA, and key-person documentation. Each pack is suitable for regulator submission — not marketing collateral.

EU AI Act Pack
August 2026
  • Article 9 — Risk management system
  • Article 13 — Transparency obligations
  • Article 14 — Human oversight controls
  • Article 15 — Accuracy & robustness
  • Conformity assessment template
  • Deployer checklist

FDA SaMD Pack
De Novo / 510(k) ready
  • PCCP gate history (full audit trail)
  • SaMD categorization rationale
  • Clinical evaluation evidence
  • Validation package
  • Pre-submission meeting template
  • Post-market surveillance plan

CMS-0057-F Pack
January 2027
  • Prior Authorization API conformance
  • Patient Access API compliance
  • FHIR R4 conformance documentation
  • Transparency requirements evidence
  • Audit trail specification
  • Implementation guide

Packs are grounded in gate run results, ECE benchmark methodology, and retraction monitoring SLA — not self-certification. Available post-NDA for Enterprise customers.

Who It's For

Every team shipping clinical AI

Clinical AI Vendors
Prove compliance before FDA submission or enterprise sales cycle. Get the gap analysis before the regulator does.
EHR Vendors
Add AI to certified EHR systems without risking ONC HTI-1 decertification. Document compliance per module.
Health Plans
Verify AI-driven PA decisions are CMS-0057-F compliant before they generate denials subject to appeal.
Pharma Medical Affairs
Certify AI-generated promotional materials and clinical communications before FDA review.

Start with one framework. See what's missing.

Run a free compliance assessment against any single framework. Enterprise access covers all five with full certificate issuance and audit records.