QA Evidence

QA Activation Seal

SCRIMED now has a final seal gate before packet-backed buyer proof language.

The seal separates candidate completeness from protected evidence visibility, keeping SCRIMED activation-ready until a human AAL2 run, protected packet hash, Proof Promotion, and Claim Guard all line up.

Statusmanual-aal2-qa-activation-seal-ready
Decisionunsealed-human-aal2-required
Seal allowedno
Buyer useno
Rules7
Hard stops4
Evidence fields10
Blocked claims14

Boundary

Public checks cannot create a sealed state; protected packet visibility is required.

SCRIMED QA Activation Seal checks whether manual AAL2 synthetic QA evidence can be treated as buyer-diligence-ready. Public checks can validate no-secret candidate completeness only; actual sealing requires protected workspace packet visibility. This does not execute passkey ceremonies, store tokens, store PHI, replace counsel, certify security or compliance, authorize live clinical care, guarantee reimbursement, approve production connectors, or grant production clinical authority.

01manual-aal2-qa-launch-kit-ready
02manual-aal2-qa-completion-bridge-ready
03manual-aal2-qa-claim-guard-ready
04manual-aal2-qa-proof-promotion-gate-ready

Current decision

SCRIMED has a no-secret activation path, but the QA Activation Seal remains unsealed until protected packet evidence is visible.

Complete Launch Kit, validate dispatch through Human Run Packet, validate through Completion Bridge, persist protected no-secret metadata, confirm Proof Promotion, then run Claim Guard before buyer use.

unsealed-human-aal2-required

Seal remains buyer-safe because it is unsealed until retained proof is visible.

Latest packet hash: pending

Missing evidence
  • protected packet SHA-256 visibility
  • Proof Promotion ready-for-buyer-diligence decision
  • final Claim Guard check for buyer language

Seal rules

The seal requires protected packet evidence and keeps clinical authority blocked.

hard-stop

Protected packet required

A retained packet SHA-256 visible from protected Manual QA Evidence.

Protected workspace packet list contains the packet hash.
  • Fail closed: Only a public preview hash or operator assertion is available.
hard-stop

Audit event required

Append-only packet audit event UUID from the protected workspace.

Audit event and packet metadata reference the same manual QA run.
  • Fail closed: The audit event is missing, synthetic target is ambiguous, or IDs do not match.
hard-stop

No secrets or PHI

Only workflow ID, run URL, timestamp, target ID, safe object UUID, packet hash, and audit UUID.

No token, credential, PHI, payer member data, source contract, URL artifact, report, or approval document is present.
  • Fail closed: Any field contains secret-like, PHI-like, credential-like, or regulated identifiers.
required

Proof Promotion decision required

Proof Promotion state ready-for-buyer-diligence.

Promotion allows only retained packet metadata and keeps production claims blocked.
  • Fail closed: Proof Promotion is pending, under review, or not visible.
required

Claim Guard required

Claim Guard confirms current language does not overclaim retained proof or production authority.

Buyer language stays bounded to synthetic QA evidence and retained packet metadata.
  • Fail closed: Language implies legal approval, certification, live clinical care, PHI authority, reimbursement certainty, or connector approval.
required

Human AAL2 provenance required

Operator attestation no-secrets-no-phi-aal2-human-run and token disposal attestation temporary-token-deleted-or-rotated.

The run was deliberate, human initiated, scoped, synthetic, and the temporary token was removed.
  • Fail closed: The workflow was unattended, scheduled, broad-targeted, or token disposal is not attested.
hard-stop

Clinical and production authority blocked

Separate external approvals for clinical, legal, privacy, security, reimbursement, regional, connector, and customer go-live authority.

Activation Seal remains limited to buyer diligence for governed synthetic QA.
  • Fail closed: Anyone treats QA evidence as clinical, PHI, payer, reimbursement, certification, connector, or production authorization.

Required evidence

Buyer proof should not move past activation-ready language until every item is visible.

Required evidence

10 checks

  • fresh human AAL2 workflow run
  • explicit synthetic target
  • Completion Bridge accepted no-secret candidate
  • protected Manual QA Evidence packet SHA-256
  • append-only packet audit event UUID
  • workflow run ID and run URL
  • temporary token deleted or rotated
  • Proof Promotion ready-for-buyer-diligence decision
  • Claim Guard current-state language check
  • clinical, PHI, reimbursement, security-certification, connector, and production claims blocked
Hard-stop claims

Blocked

  • live clinical care authorized
  • PHI processing authorized
  • HIPAA certified
  • HIPAA compliant
  • SOC 2 certified
  • security certified
  • FDA cleared
  • FDA approved
  • reimbursement guaranteed
  • production connector approved
  • autonomous diagnosis authorized
  • autonomous treatment authorized
  • patient outreach authorized
  • payer submission authorized
Safe language

Current posture

SCRIMED has an activation-ready no-secret human AAL2 synthetic QA path; the QA Activation Seal remains unsealed until protected packet evidence is visible.