Trust, but Verify: Audit-ready logging for clinical AI

Abstract

High-end clinical AI systems today (e.g. in radiology and oncology) need to be transparent so that their final output (or recommendations) can be explained post hoc in detail. Workflows for audit-capable logging in medical imaging AI are available online [4] (IHE BALP). Highlights - We meet the clinical need for auditability with tamper evident logging integrated into everyday PACS and EHR workflows. We algorithmically timestamp, through cryptographically auditable operations, the entirety of data flow and model inferences in our approach using standard healthcare data formats (DICOM and HL7/FHIR), binding events in hash chains and Merkle trees. We assess the system using real and synthetic datasets, as well as simulated audit trails of tampering. The logging pipeline immediately performs runtime canonicalization of events, hashing, and periodic notarization to an external trusted service for anchoring immutable integrity. In experiments, our system detected ≈100% of unauthorized log modifications (95% CI reported in Results) and achieved an end-to-end latency of <5 ms for detecting tampering attempts (modifications, reordering, deletions, forgeries). The median time to verify evidence of integrity breaches was 3.2 ms per event, with no throughput impact (well over 10,000 events/s ingestion). Statistical analysis demonstrates excellent performance: sensitivity ≈100%, specificity ≈100%, and F1 ≈0.999 (95% CI in Results) for tamper detection, achieving reliable results across diverse hospital sites and device vendors. Storage overhead was <5% of total data size (≈120 bytes per log event). These findings show that our audit-ready logging can offer strong forensic trails for clinical AI, ensuring reproducibility and compliance (HIPAA, FDA 21 CFR Part 11) without causing delays in clinical workflows. We contend that such verifiable logs will be significant for clinical incident investigation, liability reduction, and meeting new regulatory constraints aimed at AI traceability (e.g. EU AI Act Article 12). By rendering AI decisions completely auditable and provably immutable, this work establishes a basis for safer and more responsible deployment of AI in patient care.

Ähnliche Arbeiten