SCRIMED CODE pt. 4
Agent Governance Control Plane
SCRIMED Agent Governance is a synthetic/no-PHI control plane. It evaluates metadata-only agent session state and does not authorize PHI export, autonomous clinical care, diagnosis, treatment, prescribing, EHR writeback, payer submission, production deployment, certification claims, or customer go-live.
Identity Registry
Every agent has declared scope, allowed tools, blocked tools, and an owner.
Project SENTINEL Supervisor
Trust and Safety
ehr_writeback, payer_submit, patient_message, external_export
Prior Authorization Documentation Agent
RCM Governance
payer_submit, patient_message, ehr_writeback
Clinical Context Agent
Clinical Safety
diagnose, prescribe, ehr_writeback, patient_message
Contextual Policies
Session-state flags drive allow, deny, or require-review decisions.
phi-touched-block-export
If PHI touched, block export and require human review.
PHI access changes the action boundary; export cannot proceed without qualified approval.
untrusted-content-restrict-tools
If untrusted external content read, restrict tool actions.
Untrusted content can inject instructions or poison retrieval context.
cost-threshold-requires-approval
If agent cost exceeds threshold, require approval.
Cost guardrails prevent runaway agent loops and unexpected billing exposure.
external-communication-review
If action attempts external communication, require review.
External communication can create legal, clinical, patient, or payer consequences.
outside-declared-scope-deny
If agent task is outside declared scope, deny.
Agents are deny-by-default outside their declared identity and permission scope.
clinical-recommendation-decision-support-only
If clinical recommendation requested, return decision-support-only boundary.
Clinical content can support review but cannot become autonomous diagnosis, treatment, or prescribing.