OMP Domain Profile: Clinical AI Decision Accountability Under Joint Commission/CHAI Guidance, California SB 1120, and Emerging US State and Federal Healthcare AI Obligations

Introduction AI systems are now embedded across the clinical pathway: in medical necessity determination, prior authorisation, clinical decision support, diagnostic imaging analysis, sepsis prediction, and medication management. The pace of deployment has substantially outrun the development of regulatory frameworks that specify, with technical precision, what accountability evidence these systems must produce. Three instruments have begun to define that framework with sufficient precision to support technical specification:

The Joint Commission and CHAI Responsible Use Guide for Healthcare AI (September 2025) establishes that healthcare organisations must document human oversight of consequential AI clinical decisions, maintain evidence that qualified human reviewers evaluated AI recommendations before acting on them, and demonstrate that AI systems used in clinical settings have governance structures with named accountability.
California Senate Bill 1120 (effective January 1, 2025) requires health insurers and managed care plans to ensure that adverse determinations based on AI-generated medical necessity decisions are reviewed by a licensed physician or other qualified clinician before the determination is communicated to the patient or provider. The reviewing clinician must document their review, and the insurer must retain that documentation.
New York Assembly Bill A9149 (pending) proposes analogous requirements for health plans operating in New York, including mandatory disclosure to patients when AI was used in a coverage determination and mandatory human reviewer documentation.

These instruments converge on a structural requirement that maps directly onto OMP : every AI-assisted clinical decision that produces a consequential outcome for a patient must be either reviewed by a named, qualified human reviewer before it is acted upon, or blocked from autonomous execution and escalated to qualified human review. This document defines the CareGuard profile: the domain-specific instantiation of OMP for clinical AI accountability. CareGuard denotes that each AI-assisted clinical decision is cryptographically marked against the operator's care accountability obligations, producing a tamper-evident record before the decision affects a patient. Related OMP domain profiles include the AI Liability Insurance profile . Audit Trace payloads are canonicalized per . The OMP specification is also archived at . The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in .

Terminology This document uses the terminology defined in . In addition:

Qualified Human Reviewer (QHR): The licensed clinician or credentialed healthcare professional designated to review AI recommendations before they are acted upon. In OMP terms, the Named Accountable Officer for ASSISTED and ESCALATED interactions under this profile.
Consequential Clinical Decision: An AI-assisted decision that, if acted upon without human review, would directly affect a patient's care pathway, coverage status, medication, diagnosis, or treatment recommendation. All Consequential Clinical Decisions are subject to the CareGuard Invariant.
Adverse Determination: A determination resulting in denial, limitation, or termination of coverage or benefits for a patient, as defined in California SB 1120 and analogous state statutes. A subset of Consequential Clinical Decisions subject to the most stringent QHR documentation requirements.
Patient Safety Override: An immediate, non-negotiable interruption of an AI-assisted clinical process triggered when the AI system's output creates an imminent patient safety risk, generating an ESCALATED routing outcome, a HARD_BLOCK, and an immediate alert to the Clinical Escalation Authority.
CareGuard Invariant: The two-property invariant defined in : every Consequential Clinical Decision either generates a sealed CareGuard Audit Trace documenting QHR review before the decision is acted upon, or is blocked until QHR review is completed and documented.
Clinical Escalation Authority: The designated individual or team responsible for Patient Safety Override response. Their response is documented in the CareGuard Audit Trace.

Clinical AI Regulatory Framework Analysis

Joint Commission / CHAI Responsible Use Guide The Joint Commission and CHAI Responsible Use Guide (September 2025) requires: contemporaneous documentation that qualified clinical staff reviewed AI recommendations before acting on them; named accountability for AI clinical system governance; auditability of specific clinical decisions (what the AI recommended, whether a qualified reviewer assessed the recommendation, what the final outcome was); and documentation of failure mode handling when AI confidence is low or the training distribution does not cover the patient presentation. The contemporaneity requirement is the specific property OMP's sealed Audit Trace architecture satisfies. A QHR attestation created after the fact is not contemporaneous evidence; an OMP CareGuard Audit Trace sealed with an RFC 3161 Qualified Timestamp at the moment of QHR review is.

California SB 1120 California SB 1120 (effective January 1, 2025) requires: a physician or other licensed healthcare professional with relevant clinical expertise must review AI-generated adverse medical necessity determinations before they are communicated to the patient or provider; the reviewing clinician must document independent clinical review; health plans must retain the AI recommendation, the reviewer's documentation, and the final determination; and health plans must disclose to enrollees when AI was used in a coverage determination resulting in a denial.

New York AB A9149 New York AB A9149 (pending) proposes requirements substantively identical to California SB 1120 for health plans operating in New York, with additional provisions: patient notification in writing when AI was used in a coverage determination; patient right to request human review of any AI-assisted adverse determination; and New York DFS audit rights over health plan AI systems used in coverage determinations. The CareGuard profile is designed to satisfy both instruments through a single evidence framework.

Federal Context: ONC and CMS The CMS Interoperability and Prior Authorization Rule (CMS-0057-F , effective January 2026) requires health plans subject to CMS oversight to automate prior authorisation processes and maintain documentation of prior authorisation decisions including AI-assisted decisions. Section 5.4 addresses CMS-0057-F documentation requirements.

EU AI Act Annex III Healthcare Category The EU AI Act Annex III includes AI systems used in medical or health services as high-risk AI systems subject to Article 12 logging requirements addressed in . The CareGuard profile is designed for use in conjunction with the EUAIA profile for healthcare AI deployments subject to both EU AI Act and US clinical accountability requirements. Section 4.5 defines a compatibility field for joint deployments.

Convergent Requirements The Joint Commission/CHAI guide, California SB 1120, and the pending New York legislation define a structure that maps precisely onto OMP's three routing states: AI clinical recommendations reviewed and approved by a QHR before being acted upon correspond to ASSISTED; recommendations triggering a Patient Safety Override or confidence failure correspond to ESCALATED; fully autonomous AI clinical decisions affecting patients are NOT PERMITTED under this profile for Consequential Clinical Decisions.

OMP CareGuard Profile

Routing States Under This Profile

AUTONOMOUS: NOT PERMITTED for Consequential Clinical Decisions. WT-CLINICAL-01 MUST be configured as a universal FORCE_ASSISTED trigger for all interactions classified as Consequential Clinical Decisions. AUTONOMOUS routing is permitted only for administrative, scheduling, or non-clinical AI functions that do not directly affect a patient's care pathway, coverage, diagnosis, or treatment. Operators MUST maintain a written classification of which interaction types are non-clinical (AUTONOMOUS eligible) versus Consequential Clinical Decisions (QHR mandatory), reviewed and approved annually by the operator's AI governance authority.
ASSISTED: The standard routing state for all Consequential Clinical Decisions. The AI generates a recommendation; the QHR reviews, exercises independent clinical judgment, and documents their review before the recommendation is acted upon. The QHR's NPI, credential type, review timestamp, and clinical determination are sealed in the CareGuard Audit Trace.
ESCALATED: Triggered by: Patient Safety Override (WT-CLINICAL-02), confidence failure below the clinical safety floor (WT-CLINICAL-03), known training distribution limitation for the patient presentation (WT-CLINICAL-04), or anomalous AI output pattern (WT-CLINICAL-05). The AI recommendation MUST NOT be communicated to the patient or used in a clinical decision until the Clinical Escalation Authority has reviewed and documented a clinical disposition.

Named Accountable Officer: The Qualified Human Reviewer The Named Accountable Officer under this profile is the Qualified Human Reviewer: the licensed clinician who reviews the AI recommendation before it is acted upon. The QHR MUST hold the licensure required by applicable law for the type of clinical decision under review. For California SB 1120, the QHR MUST be a physician or other licensed healthcare professional with relevant clinical expertise. Required fields in the QHR record:

qhr_npi: National Provider Identifier (US) or equivalent national professional registration identifier. MUST NOT be null for Consequential Clinical Decisions;
qhr_credential_type: licensure category (e.g., "MD", "DO", "NP", "PA", "RN");
qhr_review_timestamp: ISO 8601 UTC timestamp of the QHR's review action -- the contemporaneity anchor for SB 1120 and Joint Commission/CHAI compliance;
qhr_clinical_determination: one of APPROVED, MODIFIED, OVERRIDDEN, ESCALATED_TO_SPECIALIST;
qhr_independent_basis: REQUIRED for MODIFIED and OVERRIDDEN; documents that the QHR exercised independent professional judgment, not merely ratified the AI recommendation.

Watchtower Definitions

WT-CLINICAL-01: Qualified Human Reviewer Gate Trigger: Any interaction classified as a Consequential Clinical Decision. Action: FORCE_ASSISTED. Cannot be disabled for Consequential Clinical Decisions. Rationale: California SB 1120 and the Joint Commission/CHAI guide require documented human oversight of consequential AI clinical decisions. This Watchtower gives these requirements structural enforcement: it is architecturally impossible for a Consequential Clinical Decision to proceed to patient impact without generating a QHR review record.

WT-CLINICAL-02: Patient Safety Override Gate Trigger: AI output contains or implies a condition the operator's clinical safety detection framework identifies as creating an imminent patient safety risk (e.g., recommendation conflicting with a known allergy or contraindication; medical necessity denial for a condition flagged as urgent; diagnostic output inconsistent with vital signs indicating acute deterioration). Action: HARD_BLOCK immediately. AI output MUST NOT be communicated to the patient, provider, or any downstream clinical process. Clinical Escalation Authority alerted immediately. Rationale: Patient safety is non-negotiable. HARD_BLOCK ensures Patient Safety Override conditions interrupt the AI pipeline rather than merely flagging it, preventing the failure mode where an AI safety concern is communicated as a recommendation rather than an immediate interrupt.

WT-CLINICAL-03: Clinical Confidence Floor Gate Trigger: Composite Confidence Score falls below the operator's configured clinical safety floor. Action: FORCE_ESCALATED. The AI recommendation MAY be provided to the Clinical Escalation Authority as context, clearly labelled as below the clinical confidence floor, but MUST NOT be acted upon as an AI recommendation. Rationale: A recommendation generated below the clinical confidence floor signals the AI system is operating outside its validated performance envelope. The appropriate clinical response is independent human judgment, not review of an unreliable recommendation.

WT-CLINICAL-04: Training Distribution Limitation Gate Trigger: Patient presentation matches a known training distribution limitation documented in the AI system's clinical validation records (e.g., demographic characteristics underrepresented in training data; clinical features identified as associated with reduced performance). Action: FORCE_ESCALATED. CareGuard Audit Trace records the specific training limitation triggered. Rationale: Known training distribution limitations create a specific duty to escalate when those limitations are relevant to a patient presentation, consistent with the Joint Commission/CHAI requirement to document AI failure mode handling.

WT-CLINICAL-05: Anomalous Output Pattern Gate Trigger: AI output deviates from expected operating parameters in ways suggesting model degradation, data drift, or adversarial input rather than a legitimate clinical edge case. Action: FORCE_ESCALATED plus system anomaly alert for review by the operator's AI governance authority. Rationale: AI clinical systems can degrade as patient population characteristics evolve away from the training distribution. Anomalous output detection provides early warning to prevent systematic patient harm from a degraded AI system operating at scale.

WT-CLINICAL-06: SB 1120 Adverse Determination Gate Trigger: For health insurer and managed care plan deployments subject to California SB 1120: AI output constitutes or implies an adverse determination. Action: FORCE_ESCALATED. MUST be reviewed by a physician or other licensed healthcare professional with relevant clinical expertise before the adverse determination is communicated to the patient or provider. Rationale: California SB 1120 creates a specific, legally enforceable requirement for QHR review of AI-generated adverse determinations. WT-CLINICAL-06 gives this requirement structural enforcement for the SB 1120 context, in addition to the general QHR Gate (WT-CLINICAL-01).

Audit Trace Schema Extensions The following fields are REQUIRED under the CareGuard profile, in addition to core fields in Section 7:

qhr_npi: string, REQUIRED for Consequential Clinical Decisions. National Provider Identifier (US) or equivalent national professional registration identifier.
qhr_credential_type: string, REQUIRED. RECOMMENDED values: "MD", "DO", "NP", "PA", "RN", "PharmD", "clinical_specialist".
qhr_review_timestamp: string, ISO 8601 UTC, REQUIRED for ASSISTED and ESCALATED. The contemporaneity anchor for SB 1120 and Joint Commission/CHAI compliance.
qhr_clinical_determination: string, REQUIRED for ASSISTED and ESCALATED. One of: APPROVED, MODIFIED, OVERRIDDEN, ESCALATED_TO_SPECIALIST.
qhr_independent_basis: string, OPTIONAL for APPROVED; REQUIRED for MODIFIED and OVERRIDDEN. Documents independent clinical judgment, not merely ratification of the AI recommendation.
patient_safety_override: boolean, REQUIRED. True if WT-CLINICAL-02 triggered a Patient Safety Override.
clinical_confidence_floor_breached: boolean, REQUIRED. True if WT-CLINICAL-03 triggered for this interaction.
training_limitation_triggered: string, OPTIONAL. Identifier of the specific training distribution limitation that triggered WT-CLINICAL-04, if applicable.
deployment_category: string, REQUIRED. One of: "medical_necessity", "clinical_decision_support", "diagnostic_assistance", "prior_authorisation", "administrative".
sb1120_adverse_determination: boolean, REQUIRED for health insurer and managed care plan deployments in California. True if WT-CLINICAL-06 triggered.
euaia_joint_deployment: boolean, OPTIONAL. True if this deployment is also subject to EU AI Act Article 12 requirements addressed in .
profile_version: string, REQUIRED. MUST be "VERIDOM-CAREGUARD-v1.0".

Clinical Deployment Category Mapping For medical necessity determinations: WT-CLINICAL-01 and WT-CLINICAL-06 MUST be active. deployment_category MUST be "medical_necessity". For California deployments, sb1120_adverse_determination MUST be evaluated for every interaction. The QHR MUST hold the SB 1120-required credential. Audit Traces MUST be retained for a minimum of three years from the determination date for California SB 1120 compliance. For clinical decision support: WT-CLINICAL-01 through WT-CLINICAL-05 MUST be active. deployment_category MUST be "clinical_decision_support". The QHR is the treating clinician who acts on the AI recommendation at the point of care; their NPI MUST be recorded. WT-CLINICAL-04 MUST be configured with the training distribution limitations documented in the AI system's clinical validation records and FDA 510(k) clearance documentation where applicable. For diagnostic AI assistance: WT-CLINICAL-01 through WT-CLINICAL-05 MUST be active. WT-CLINICAL-02 is particularly critical: a diagnostic AI recommendation conflicting with clinical findings indicating acute deterioration MUST trigger HARD_BLOCK. deployment_category MUST be "diagnostic_assistance". The QHR is the licensed clinician who interprets the AI output and issues the diagnostic report. For prior authorisation AI systems: WT-CLINICAL-01 and WT-CLINICAL-06 MUST be active. deployment_category MUST be "prior_authorisation". For CMS-regulated health plans, CareGuard Audit Traces for prior authorisation decisions MUST be retained and producible for CMS audit within the timeframes specified by CMS-0057-F. Audit Traces MUST record whether the prior authorisation request was subject to a required response timeline and whether QHR review was completed within that timeline.

The CareGuard Invariant Implementations of this profile MUST satisfy the following two-property invariant:

Property 1 (QHR review completeness): Every Consequential Clinical Decision MUST generate a sealed CareGuard Audit Trace documenting QHR review before the AI recommendation is acted upon, communicated to a patient or provider, or used in a coverage determination. No Consequential Clinical Decision may affect a patient without a contemporaneous, sealed QHR review record.
Property 2 (Immutable trail): The CareGuard Audit Trace MUST be sealed with the three-layer integrity architecture defined in Section 7. Any modification to any historical Audit Trace record MUST be detectable by any third party -- including a state regulator, CMS, the Joint Commission, or a court -- without access to the operator's or OMP implementer's infrastructure.

An operator satisfying the CareGuard Invariant can demonstrate, for any Consequential Clinical Decision: the AI recommendation as generated; the QHR's identity (NPI), credential type, and review timestamp establishing contemporaneity for SB 1120 and Joint Commission/CHAI purposes; the QHR's clinical determination and independent basis where required; Watchtower evaluation results; whether a Patient Safety Override was triggered; and that the record has not been altered since sealing.

Patient Safety Override Architecture When WT-CLINICAL-02 triggers a Patient Safety Override: (a) the AI system's output is immediately blocked -- no further processing of the AI recommendation occurs; (b) a Patient Safety Override Audit Trace is generated immediately with patient_safety_override set to true, the specific safety condition identified, and a UTC timestamp sealed with an RFC 3161 TimeStampToken; (c) the Clinical Escalation Authority is alerted immediately; (d) the Clinical Escalation Authority's response -- including the responding clinician's identity, response timestamp, and clinical disposition -- MUST be recorded in the CareGuard Audit Trace within the operator's configured maximum response time; (e) no further AI-assisted processing of this interaction MAY occur until the Clinical Escalation Authority has documented a clinical disposition. The Patient Safety Override architecture prevents the failure mode documented in published adverse event reports involving AI clinical systems: a patient safety concern detected by an AI system that was communicated as a recommendation rather than as an immediate interrupt, resulting in delayed clinical response. OMP's HARD_BLOCK mechanism ensures Patient Safety Override conditions interrupt the AI pipeline, not merely flag it.

Clinical Proof-Point as Regulatory Evidence The OMP Proof-Point artefact for a clinical deployment MUST include, for each Consequential Clinical Decision: the full CareGuard Audit Trace including the AI recommendation as generated; the QHR review record; the Watchtower evaluation log; chain integrity proof (SHA-256 Merkle root and chain path); and the RFC 3161 TimeStampToken verification output from the OMP Reference Validator , confirming the temporal anchor that establishes contemporaneity. This artefact is self-contained: a state insurance regulator, CMS auditor, Joint Commission reviewer, plaintiff's attorney, or expert witness can verify its integrity using only the OMP Reference Validator and the Timestamp Authority's public key material, without access to the operator's infrastructure. For SB 1120 adverse determination appeals, the CareGuard Audit Trace provides: documentation of independent QHR review (SB 1120 requirement); RFC 3161 timestamp proving contemporaneity; qhr_independent_basis documenting independent clinical judgment; and the three-layer integrity architecture proving the record has not been altered.

Security Considerations The security considerations of apply in full. Patient data sensitivity: CareGuard Audit Traces will routinely contain or be associated with Protected Health Information (PHI) under HIPAA. Operators MUST implement HIPAA-compliant safeguards for Audit Trace storage, access, and disclosure. QHR identity integrity: The qhr_npi field MUST reflect the NPI of the actual clinician who reviewed the AI recommendation. Operators MUST implement technical controls to prevent NPI assignment without the clinician's authenticated action. The review_timestamp MUST be set by the OMP pipeline at the time of the QHR's authenticated review action. Patient Safety Override integrity: The patient_safety_override field MUST be set by the OMP Watchtower framework, not by the operator's application layer. Operators MUST NOT implement mechanisms allowing the patient_safety_override flag to be unset after being set by WT-CLINICAL-02. Confidence floor integrity: Changes to the clinical confidence floor MUST be treated as configuration changes requiring the same governance approval as clinical protocol changes, and MUST generate a WT-CLINICAL-05 anomaly record.

IANA Considerations This document has no IANA actions.