Governance & Program Info
Patient Flow & Capacity Optimization — Governance
Cross-builder institution context and per-item ownership, due dates, status, and next actions for the governance-relevant checklist items in this builder.
Institution context
Program info
Applies across every builder in the app. Stored locally; nothing leaves the browser.
Checklist governance
Items (0 of 16 marked complete)
Annotate ownership, due date, status, and next action. Items on the left come from the builder's governance / compliance phases.
05 · Governance & Compliance
Map HIPAA Privacy and Security Rule obligations to the ML stack
Identify which 45 CFR 164 controls apply to training, feature store, inference, and audit log.
05 · Governance & Compliance
Execute Business Associate Agreements for every cloud component
Every vendor that touches PHI (including training-data platforms, monitoring platforms, LLM providers) requires a BAA — with specific language on AI/ML use and subprocessors.
05 · Governance & Compliance
Enforce minimum-necessary access and access logging
Role-based access to training data, feature store, and inference logs — HIPAA 164.514 minimum-necessary standard applies.
05 · Governance & Compliance
De-identification methodology for research and benchmarking
Safe Harbor (45 CFR 164.514(b)(2)) or Expert Determination — document the methodology and retain the certification.
05 · Governance & Compliance
Document CMS Conditions of Participation alignment
Capacity AI does not directly implement CoP, but its operational impact (ED boarding, transfers, discharge timing) is CoP-adjacent — document alignment.
05 · Governance & Compliance
Review CMS boarding-time accountability framework
CMS has finalized boarding-time measurement and accountability in the late-2025 rulemaking cycle. Review the current CMS framework for applicable reporting and payment implications.
05 · Governance & Compliance
Audit-trail completeness for CMS documentation
Every forecast, every threshold crossed, every operational decision taken in response — logged with model version, feature snapshot, and user.
05 · Governance & Compliance
Align to NIST AI RMF 1.0 (Govern / Map / Measure / Manage)
NIST AI RMF 1.0 is the de facto US baseline for AI governance — map forecasting system to all four functions.
05 · Governance & Compliance
Complete model documentation package (model card)
Purpose, training data window, known limitations, failure modes, validation results, fairness assessment — per NIST AI RMF Measure function.
05 · Governance & Compliance
Independent model validation
Second-line or external validation of logic, data, assumptions, and performance claims. Independent of development team.
05 · Governance & Compliance
Change management and model versioning
Approval path for model updates, testing requirements, version pinning, rollback, audit trail.
05 · Governance & Compliance
Fairness / disparate impact assessment
Capacity AI can encode disparate impact if discharge-readiness predictions are systematically slower for protected classes — assess and document.
05 · Governance & Compliance
Review ONC HTI-2 embedded-vendor AI transparency obligations
ONC HTI-2 (published 2024, phased compliance) adds transparency obligations for predictive decision-support AI embedded in certified EHRs.
05 · Governance & Compliance
EU AI Act applicability review (if EU deployment)
EU AI Act (Regulation 2024/1689) classifies AI in healthcare as high-risk — applicable to any EU hospital deployment.
05 · Governance & Compliance
21 CFR Part 11 applicability review
21 CFR Part 11 applies where forecasting records are used for FDA-regulated activities (clinical trials, drug administration) — most capacity AI is out of scope, but confirm.
05 · Governance & Compliance
Board-level AI governance reporting
Forecast accuracy, boarding-time trend, diversion rate, and fairness metrics should surface in board risk reporting, not only throughput dashboards.