Boundary Release Approval Matrix
SCRIMED can track every required approval without prematurely unlocking any preserved boundary.
This matrix turns the approval path into owned steps, evidence requirements, signoff lanes, and release hashes. It documents what is prepared, what remains externally required, and why production authority stays fail-closed until named human approvals exist.
Release rule
Documented is not approved. SCRIMED still requires named release authority.
SCRIMED Boundary Release Approval Matrix documents the approval path for preserved NO-GO boundaries. It does not grant PHI authority, clinical authority, payer submission authority, EHR writeback authority, production connector approval, certification claims, or customer go-live approval.
The matrix can complete the approval path documentation, but it cannot relieve a boundary. A separate named human release decision must be created after all evidence and signoffs are approved.
Approval path
Each preserved boundary has an approval path, missing evidence, signoff lanes, and a safe workaround.
Attach each preserved boundary to its evidence packet, assign the missing signoff owners, and keep the runtime fail-closed until approved release decisions exist.
Live PHI / ePHI processing
No live PHI, patient identifiers, source medical records, production credentials, or raw connector payloads.
- Can relieve now: false
- Unlocks only after: HIPAA security risk analysis, BAA coverage, tenant isolation, privacy/security review, customer authorization, and incident-response evidence are complete.
- Release hash: 5366e6d20895bfa5
- Safe workaround: Use synthetic fixtures, de-identified metadata planning, and no-PHI Health Records Safety Exchange reviews.
Clinical decision support
No final diagnosis, treatment recommendation, triage replacement, clinical validation claim, or autonomous clinical authority.
- Can relieve now: false
- Unlocks only after: Intended use, FDA/CDS analysis, clinical safety case, validation protocol, evidence visibility, and clinician governance are approved.
- Release hash: e10f6630fc430147
- Safe workaround: Offer synthetic Clinical Robustness Lab reviews, evidence summaries, and clinician-reviewed draft support only.
Autonomous diagnosis, treatment, prescribing, or imaging interpretation
No autonomous diagnosis, treatment, prescribing, order placement, pharmacy action, or imaging interpretation.
- Can relieve now: false
- Unlocks only after: A separate regulated clinical product pathway, malpractice coverage, medical governance, prescribing compliance, and production safety case are approved.
- Release hash: ee48d433d3367a9b
- Safe workaround: Use draft-only education, documentation support, and clinician-reviewed safety/evidence summaries.
EHR writeback and production connector activation
No EHR writeback, chart filing, record mutation, order entry, or production connector approval.
- Can relieve now: false
- Unlocks only after: Customer authorization, EHR vendor app registration, scoped SMART/FHIR permissions, sandbox validation, rollback plan, and clinical signoff are complete.
- Release hash: bffd1ce5c88e3ed7
- Safe workaround: Generate draft packets and human-readable summaries for manual review outside SCRIMED writeback paths.
Payer submission, prior authorization, claims, and appeals
No autonomous payer submission, claim filing, prior authorization submission, appeal filing, or reimbursement guarantee.
- Can relieve now: false
- Unlocks only after: Trading partner agreement, payer/clearinghouse approval, X12/FHIR validation, provider attestation, and human submitter approval are complete.
- Release hash: aeb45559072d24b6
- Safe workaround: Create draft prior-auth and claims packets for human review without transmitting to payers.
Clinical research, outcomes learning, and human-subject data
No live patient research, outcomes learning from identifiable data, or human-subject research claims without protocol review.
- Can relieve now: false
- Unlocks only after: IRB determination or approval, consent/waiver analysis, protocol, privacy review, and data-minimization controls are complete.
- Release hash: f5b64feb70e6f3c7
- Safe workaround: Use synthetic scenarios, public literature, and reviewer-created SME expectations without live patient data.
SOC 2, HIPAA, HITRUST, ISO, FDA, ONC, and certification claims
No certification, clearance, validation, compliance-completion, or audited-report claims unless independently verified.
- Can relieve now: false
- Unlocks only after: Qualified auditor, assessor, regulator, or certification body evidence exists for the exact claim and scope.
- Release hash: 283d92647b1535e7
- Safe workaround: Say SCRIMED is preparing for audit/readiness review; do not claim certification, clearance, or compliance completion.
Global operation, data residency, GDPR, EHDS, and EU AI Act readiness
No global launch, regional regulatory approval, data-residency approval, public-sector procurement approval, or EU AI Act compliance claim.
- Can relieve now: false
- Unlocks only after: Regional counsel, privacy review, DPA/SCCs where needed, DPIA, data-residency decision, AI Act classification, and customer approval are complete.
- Release hash: 795bee1378a5bd9b
- Safe workaround: Use synthetic regional readiness packs and keep production data inside the approved existing environment.
Customer go-live and production release
No customer go-live approval, production connector approval, production clinical workflow approval, or managed-service commitment.
- Can relieve now: false
- Unlocks only after: Customer acceptance, security review, clinical/operational owner signoff, rollback plan, support plan, and release authority are complete.
- Release hash: 139bc047a9250d60
- Safe workaround: Run synthetic demos, no-PHI pilots, and protected diligence rooms until customer go-live authority exists.
Evidence work queue
Pending approvals become metadata-only work items; raw evidence stays outside public SCRIMED surfaces.
metadata-only-evidence-work-queue-active. 133 work items are required before any boundary can move toward a named human release decision.
risk analysis report
No PHI authority until qualified security/privacy review signs the risk analysis.
- Owner: Security officer and qualified HIPAA advisor
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: c4a4dbee69be23b5
risk treatment plan
No PHI authority until qualified security/privacy review signs the risk analysis.
- Owner: Security officer and qualified HIPAA advisor
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: 0643e0def3f403cb
control evidence
No PHI authority until qualified security/privacy review signs the risk analysis.
- Owner: Security officer and qualified HIPAA advisor
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: 988f2b37f9b69dd1
executive acceptance record
No PHI authority until qualified security/privacy review signs the risk analysis.
- Owner: Security officer and qualified HIPAA advisor
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: 42c1db0abe994c07
executed BAA
No live PHI until signed agreements exist and are retained outside public code.
- Owner: Legal, privacy, vendor management, and customer sponsor
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: ae8b69e8ad04053e
subprocessor BAA/DPA
No live PHI until signed agreements exist and are retained outside public code.
- Owner: Legal, privacy, vendor management, and customer sponsor
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: c237ddbc6c40ad64
vendor security review
No live PHI until signed agreements exist and are retained outside public code.
- Owner: Legal, privacy, vendor management, and customer sponsor
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: e6655e4d7784dcbd
contract owner approval
No live PHI until signed agreements exist and are retained outside public code.
- Owner: Legal, privacy, vendor management, and customer sponsor
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: a1eb612186d2c854
RLS/RBAC evidence
No PHI workflow until protected runtime controls are tested with customer-specific approval.
- Owner: Platform, security, privacy, and tenant admin
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: b09130aeef07e417
audit-log packet
No PHI workflow until protected runtime controls are tested with customer-specific approval.
- Owner: Platform, security, privacy, and tenant admin
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: fc024d20e97ee9af
incident response tabletop
No PHI workflow until protected runtime controls are tested with customer-specific approval.
- Owner: Platform, security, privacy, and tenant admin
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: 5846d2cbc8ece4fb
access review evidence
No PHI workflow until protected runtime controls are tested with customer-specific approval.
- Owner: Platform, security, privacy, and tenant admin
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: 5f8208178c0d4a42
regulatory memo
No public clinical authority claim until regulatory classification is complete.
- Owner: Regulatory counsel, clinical safety, and executive approver
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: 9952613dddb499e2
SaMD/CDS assessment
No public clinical authority claim until regulatory classification is complete.
- Owner: Regulatory counsel, clinical safety, and executive approver
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: 17d898ad8de9e217
excluded/regulated rationale
No public clinical authority claim until regulatory classification is complete.
- Owner: Regulatory counsel, clinical safety, and executive approver
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: 522265f06734fa4f
external counsel review
No public clinical authority claim until regulatory classification is complete.
- Owner: Regulatory counsel, clinical safety, and executive approver
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: 8fe3403cc516fad6
validation protocol
No clinical validation claim until protocol results are reviewed and approved.
- Owner: Clinical QA, specialty reviewer, data science, and safety officer
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: a6cd7d7e6c8cef3e
synthetic and retrospective test plan
No clinical validation claim until protocol results are reviewed and approved.
- Owner: Clinical QA, specialty reviewer, data science, and safety officer
- Kind: approval-step-evidence
- Accepts raw evidence: false
- Hash: 2c9db3db2bcc6210
Step ledger
Every step is noted; unresolved steps remain blockers instead of implied approvals.
Live PHI / ePHI processing
- 1. PHI data inventory and classification: prepared; evidence satisfied: true
- 2. HIPAA security risk analysis: external_required; evidence satisfied: false
- 3. BAA and subprocessor coverage: external_required; evidence satisfied: false
- 4. Tenant isolation, audit, and incident response: blocked_pending_evidence; evidence satisfied: false
- privacy: pending_external
- security: pending_external
- legal: pending_external
- customer: pending_customer
- engineering: pending_internal
Clinical decision support
- 1. Intended-use and user-control definition: prepared; evidence satisfied: true
- 2. FDA/CDS/SaMD classification review: external_required; evidence satisfied: false
- 3. Clinical validation and safety protocol: external_required; evidence satisfied: false
- 4. Clinician final authority workflow: tracked; evidence satisfied: false
- clinical: pending_external
- regulatory: pending_external
- legal: pending_external
- security: pending_internal
- customer: pending_customer
Autonomous diagnosis, treatment, prescribing, or imaging interpretation
- 1. Autonomous authority ban retained: prepared; evidence satisfied: true
- 2. Regulated product pathway: external_required; evidence satisfied: false
- 3. Prescribing, ordering, EHR, and pharmacy compliance: external_required; evidence satisfied: false
- clinical: pending_external
- regulatory: pending_external
- legal: pending_external
- customer: pending_customer
EHR writeback and production connector activation
- 1. Read-only sandbox validation: tracked; evidence satisfied: false
- 2. Write-scope and change-control approval: customer_required; evidence satisfied: false
- 3. Production connector review: external_required; evidence satisfied: false
- customer: pending_customer
- security: pending_external
- clinical: pending_customer
- engineering: pending_internal
Payer submission, prior authorization, claims, and appeals
- 1. Payer workflow scope and provider attestation: prepared; evidence satisfied: true
- 2. Trading partner and payer approval: external_required; evidence satisfied: false
- 3. X12/FHIR validation and human review: blocked_pending_evidence; evidence satisfied: false
- payer: pending_external
- customer: pending_customer
- legal: pending_external
- engineering: pending_internal
Clinical research, outcomes learning, and human-subject data
- 1. Research purpose and protocol: tracked; evidence satisfied: false
- 2. IRB, consent, and waiver review: external_required; evidence satisfied: false
- 3. Outcome learning governance: blocked_pending_evidence; evidence satisfied: false
- research: pending_external
- privacy: pending_external
- clinical: pending_external
- engineering: pending_internal
SOC 2, HIPAA, HITRUST, ISO, FDA, ONC, and certification claims
- 1. Claim inventory and prohibited language control: prepared; evidence satisfied: true
- 2. SOC 2 readiness and audit path: external_required; evidence satisfied: false
- 3. Regulatory and certification body review: external_required; evidence satisfied: false
- legal: pending_external
- security: pending_external
- regulatory: pending_external
- finance: pending_external
Global operation, data residency, GDPR, EHDS, and EU AI Act readiness
- 1. Regional data map and lawful basis: tracked; evidence satisfied: false
- 2. DPIA, DPA/SCCs, and data residency review: external_required; evidence satisfied: false
- 3. AI Act and regional AI classification: external_required; evidence satisfied: false
- privacy: pending_external
- legal: pending_external
- regulatory: pending_external
- customer: pending_customer
- security: pending_external
Customer go-live and production release
- 1. Pilot acceptance criteria and scope control: prepared; evidence satisfied: true
- 2. Release readiness evidence: blocked_pending_evidence; evidence satisfied: false
- 3. Formal go-live approval: customer_required; evidence satisfied: false
- customer: pending_customer
- security: pending_external
- engineering: pending_internal
- operations: pending_internal
- legal: pending_external