Powered by OpenAIRE graph
Found an issue? Give us feedback
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/ ZENODOarrow_drop_down
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
ZENODO
Report
Data sources: ZENODO
Zenodo
Claim

PDI Verify: An Adversarial Audit Methodology for AI-Assisted Clinical Software — Extended with Dual-Axis Clinical Context Preservation

descriptionPublicationkeyboard_double_arrow_right Report Under curation English Publisher:Zenodo
Authors: Bristow, Dan;

doi: 10.5281/zenodo.20533609

PDI Verify: An Adversarial Audit Methodology for AI-Assisted Clinical Software — Extended with Dual-Axis Clinical Context Preservation

Abstract

We present PDI Verify, an adversarial audit methodology for AI-assisted clinical software handling protected health information (PHI), with a novel extension: the dual-axis clinical context preservation standard (A11). The core framework comprises Phase 1 (behavioral and static analysis: 8 audit domains, 5 evidence tiers, 20 specialized scanners) and Phase 2, the Munger Defense Posture (10 adversarial attack classes derived by systematically inverting system design claims). Phase 3 generates dual-audience remediation output — engineer-grade fix code and HIPAA-counsel-grade regulatory language — from a single evidence model. This extended version introduces two additional contributions: (1) the A11 Clinical Context Preservation Battery, a 21-case adversarial test suite establishing that a passing security result (A10 BLOCKED) is insufficient without co-equal confirmation that clinical data survived the privacy pipeline (A11 PRESERVED); and (2) the tokenization-rehydration privacy architecture, a novel approach to clinical AI privacy in which PHI is replaced with reversible typed tokens client-side before any API call, the model processes tokenized text, and original values are restored via an ephemeral local key-value map — making PHI transmission to external AI services architecturally unnecessary rather than contractually managed. Applied to PDI Med (v1.0), an OB/GYN clinical intelligence platform, Phase 2 cycle 1 identified 8 confirmed breaches. Four product commits and 5 audit framework self-corrections resolved all findings. Phase 2 cycle 2 confirmed PDI Verified: zero breaches across 10 attack classes, with A10 resolving to BLOCKED_WITH_PRESERVATION on the novel PP-04 case (BRCA variant/accession split). The A11 v2 battery achieved 24/24 PRESERVED across 21 cases including paraphrase equivalence across three OB/GYN documentation styles and semantic ground truth comparison. A10 security for the tokenization pipeline stage is CANNOT_CONFIRM pending implementation, reported with full transparency. We propose PP-04 as a standard benchmark for clinical de-identification systems, and the dual-axis A10+A11 certification standard as the minimum bar for clinical AI evaluation.

Powered by OpenAIRE graph
Found an issue? Give us feedback