Governance & Program Info

Predictive Readmission & Care Gap Identification — Governance

Cross-builder institution context and per-item ownership, due dates, status, and next actions for the governance-relevant checklist items in this builder.

Institution context
Program info
Applies across every builder in the app. Stored locally; nothing leaves the browser.
Checklist governance
Items (0 of 15 marked complete)
Annotate ownership, due date, status, and next action. Items on the left come from the builder's governance / compliance phases.
05 · Governance & Compliance
Confirm HIPAA Privacy and Security Rule controls (45 CFR 160 / 164)
required
Administrative, physical, and technical safeguards covering the training data, feature store, inference runtime, and audit log.
05 · Governance & Compliance
Execute Business Associate Agreements with every vendor in the data path
required
Cloud providers, NLP vendors, population-health vendors, and monitoring vendors — each needs a BAA before PHI flows.
05 · Governance & Compliance
Apply 42 CFR Part 2 handling for SUD / behavioral health data
required
SUD diagnosis and treatment data carries 42 CFR Part 2 constraints above the HIPAA baseline — consent and disclosure rules differ.
05 · Governance & Compliance
Minimum-necessary review for PHI used in training and inference
required
Document the minimum-necessary determination for each PHI element — HIPAA requirement and a meaningful privacy baseline.
05 · Governance & Compliance
Confirm 21 CFR Part 11 applicability
optional
If the model output feeds FDA-regulated device decisioning or GxP processes, 21 CFR Part 11 electronic-records controls apply.
05 · Governance & Compliance
Map CMS HRRP measurement windows and exclusions
required
HRRP counts unplanned readmissions within 30 days, with condition-specific planned-readmission exclusion lists — the measurement definition must match the label.
05 · Governance & Compliance
Document HTI-1 Predictive DSI source attributes
required
ONC HTI-1 (2023 final rule) requires source attribute disclosure for Predictive Decision Support Interventions in certified EHRs — document them even if deployed outside a certified EHR.
05 · Governance & Compliance
Prepare HTI-2 bias-testing and transparency documentation
required
ONC HTI-2 (2024–2025 rulemaking) extends transparency, bias testing, and source attribute disclosure expectations for PDSI — build the artifacts now, not at certification time.
05 · Governance & Compliance
Map state-level algorithmic accountability obligations
required
Select the state rules applicable to your footprint.
05 · Governance & Compliance
Anchor governance in NIST AI RMF 1.0
recommended
NIST AI RMF 1.0 (Govern / Map / Measure / Manage) is the de facto federal reference framework — aligning to it satisfies most regulator expectations at once.
05 · Governance & Compliance
Independent model validation before deployment
required
Second-line or external independent team validates model logic, data, assumptions, fairness metrics, and performance claims.
05 · Governance & Compliance
Per-prediction audit trail
required
Every production score logged with model version, feature snapshot, subgroup flag, and feature attribution — suitable for regulatory inquiry and clinical review.
05 · Governance & Compliance
Clinical governance / Medical Executive Committee review
required
The model's intended use, known limitations, and outcome evidence are reviewed by the MEC or equivalent clinical governance body.
05 · Governance & Compliance
SHAP / reason-code output per prediction
required
Per-score feature attribution exposed to the clinician in the care-management workflow — required for clinical trust and for HTI-2 transparency.
05 · Governance & Compliance
Board-level AI risk reporting
recommended
Model performance, fairness metrics, intervention reach, and HRRP-penalty delta reported to the board on a recurring cadence.