Prova for Healthcare

AI in clinical workflows, with an audit trail.

Health systems, payers, and clinical research teams use Prova as the control plane for AI in clinical summaries, prior-authorization, and regulatory work. Tamper-evident receipts, PHI / PII detection at the gateway, HIPAA-aligned audit trail.

HIPAA-aligned signed audit trail
Self-host deployment with HSM-backed signing
5 inline detectors including PHI / PII + groundedness

The problem with unverified AI reasoning

AI in clinical workflows with no audit trail

Summarization and prior-auth models touch protected health information dozens of times a day. Without a signed receipt per decision, an OCR (HHS Office for Civil Rights) audit or breach review has nothing to go on.

PHI leakage into downstream agents

Agent A summarizes a chart; Agent B drops the summary into a vendor model call. The PII / PHI detector catches the leak at the gateway and signs the attempt. Raising the policy to block stops the call before the downstream model sees it.

Prior-auth at scale, with appeals risk

Payers process thousands of AI-assisted determinations a day. A signed receipt per decision is the only evidence that will survive an appeal or a state attorney general inquiry.

How Prova solves it

1. Signed receipt per clinical AI decision

Every AI call lands in the Audit Vault as an Ed25519-signed receipt. Attach it to the chart, the appeal packet, or the regulator submission. Each receipt is independently verifiable without trusting Prova.

2. PHI / PII screening at the gateway

Gateway mode runs the PII and PHI policies before the model call. By default they detect and record; raise pii_in_prompt or phi_in_prompt to block, and the gateway stops the call before the prompt leaves. Every attempt is captured either way.

3. Self-hosted for PHI workloads

Deploy on your own infrastructure with no outbound calls. The receipt signing key stays in your environment. BAAs are available for managed deployments.

4. Boundary manifest per clinical agent run

Declare the data scopes a clinical-decision agent may touch (patient_id, encounter_id) and the tools it may call. The boundary_violation policy signs an audit trail of any breach. The medical_decision_no_hitl policy enforces human review where Article 14 oversight requires it.

Bring clinical AI under one control plane.

Self-hosted deployment available. BAAs for managed tiers.