The differentiated story is what is already built and independently verifiable: offline verification, tenant isolation, key isolation, audit replay, and safe reversal. We name our certification posture plainly, formal attestations are on the roadmap, and we say so rather than imply them.
Evidence verifies from a bundle and public key alone, without a live application session. Try it at verify.geoclearhealth.com.
Row-level data isolation verified in testing with the application filter disabled, not just app-layer WHERE clauses.
Per-tenant signing keys; cross-tenant signing denied at the key-management layer.
A bitemporal, hash-chained, replayable record, defensible to a credentialing or Joint Commission review.
No blind deprovisioning; active-clinical-context + CMO gate; peer-review/FPPE firewalled out of the engine.
AI abstains on low confidence and routes to humans; AI never signs governance or grants privileges. Standing fairness evaluation across degree / training-origin / specialty.
Enterprise buyers expect precision about what is live, synthetic, gated, or roadmap. Here is the current state.
Canonical readiness states: LIVE-CAPABLE · SYNTHETIC · CONTRACT-GATED · KEY-GATED · GATED · ROADMAP. We never label a source live unless it is actually called.
| Capability | Readiness | Context |
|---|---|---|
| Offline verification (bundle + public key) | LIVE-CAPABLE | Verified today in synthetic mode |
| Tenant isolation & per-tenant key isolation | LIVE-CAPABLE | Built & verified in testing |
| Clinical Authority Attestation + hash-chained ledger | SYNTHETIC | Built; not production signing |
| Safe reversal (active-context + CMO gate) | SYNTHETIC | Built; synthetic pathway |
| NPI identity · OIG/SAM exclusions | LIVE-CAPABLE | Public, non-PHI primary source |
| NPDB · state boards · CAQH · board certification | CONTRACT-GATED | Synthetic until agreement/access |
| Production signing · real PHI | GATED | BAA + counsel + security |
| SOC 2 · HITRUST · FedRAMP · NCQA CVO path | ROADMAP | Preparing; not certified |
HIPAA/BAA before any PHI · SOC 2 Type II window · HITRUST r2 · FedRAMP (Moderate/High) for federal · preparing for an NCQA CVO path (we explain prerequisites; we do not imply certification, reliance, or an operating clock unless literally true).