Accreditation & Compliance

AI Governance Framework

How Regain's three-agent architecture -- Deutsch, Popper, and Hermes -- provides structural AI governance that satisfies independent safety supervision requirements for healthcare AI accreditation.

Core Principle: Governance is not a policy document. It is an architectural property. Regain's three systems are separated by codebase, runtime, access controls, and communication contracts -- making independent safety supervision a structural guarantee, not a procedural aspiration.

Three-Agent System Overview

Regain's clinical AI operates as three distinct systems, each with a defined role. This separation is not a product design choice -- it is a structural requirement for independent safety supervision.

DEUTSCH (TA1 Clinical Agent): The clinical reasoning engine. Takes patient context, applies guideline-directed logic via a three-agent debate structure (Generator, Verifier, Reasoner), and produces clinical proposals.

HERMES (Contract Layer): The shared contract layer. Defines the exact structure of every message exchanged between Deutsch and Popper. An npm package with TypeScript types and validators. Apache 2.0 open-source.

POPPER (TA2 Supervisory Agent): The independent safety supervisor. Receives proposals from Deutsch and returns a verdict: APPROVE, HARD_STOP, ROUTE_TO_CLINICIAN, or REQUEST_MORE_INFO. Does not generate clinical content.

                        REGAIN ARCHITECTURE

  ┌──────────────┐     Hermes Contract     ┌──────────────────────┐
  │              │  (SupervisionRequest)   │                      │
  │   DEUTSCH    │ ─────────────────────>  │      POPPER          │
  │  (TA1)       │                         │      (TA2)           │
  │  Clinical    │  (SupervisionResponse)  │  Independent Safety  │
  │  Reasoning   │ <─────────────────────  │  Supervision         │
  └──────┬───────┘                         └──────────┬───────────┘
         │                                            │
         │                                   Verdict: │
         │                                            │
         ▼                          ┌─────────┬───────┴────────┐
    Patient gets                    │         │                │
    response                    APPROVED  HARD_STOP        ROUTE_TO
                                (proceed)  (block)        _CLINICIAN
                                                               │
                                                               ▼
                                                          ┌──────────┐
                                                          │   MISS   │
                                                          │ Clinician│
                                                          │  Review  │
                                                          └──────────┘

Why the Separation Matters for Accreditation

IAC governance Category 2 requires independent safety supervision -- an architecturally distinct verification mechanism for AI outputs. The key word is "independent." Regain's architecture provides this independence structurally, not just procedurally.

Separation Dimension | What This Means
Separate Codebases | Deutsch and Popper are different repositories with different development teams. A change to Deutsch's reasoning logic does not change Popper's supervisory rules.
Separate Runtime | Popper runs as its own service. It does not share a process, database, or deployment pipeline with Deutsch. If Deutsch is redeployed, Popper continues running unchanged.
Separate Access Controls | Popper has its own role-based access system. A developer with access to Deutsch does not automatically have access to modify Popper's policy packs.
Communication Only Via Contract | Deutsch and Popper interact exclusively through Hermes-defined HTTP messages. There is no shared state, no backdoor, no way for Deutsch to influence Popper's decision except through the defined supervision interface.

Hermes Contracts: Structured Message Discipline

Supervision between Deutsch and Popper is not ad-hoc. Every message follows a defined contract. If a message does not conform, it is rejected before it reaches Popper's evaluation logic.

Contract Message Types (4 types)

Message Type | Direction | Contents
SupervisionRequest | Deutsch -> Popper | Proposed intervention (type, severity, clinical domain), de-identified subject ID, trace ID, clinical context references
SupervisionResponse | Popper -> Deutsch | Verdict (APPROVED / HARD_STOP / ROUTE_TO_CLINICIAN / REQUEST_MORE_INFO), rationale, conditions
ProposedIntervention | Embedded in request | Structured representation of what Deutsch wants to do: medication, diagnosis, or triage action
AuditEvent | Emitted at each step | Types: SUPERVISION_REQUESTED, SUPERVISION_RECEIVED, CONTROL_COMMAND_APPLIED, VALIDATION_FAILED

Why this matters: Supervision coverage cannot silently degrade. A malformed request fails loudly. The interface is auditable -- every field in every message is defined and documented.
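
As an added illustration of the reject-before-evaluation behaviour described above (this is not code from the Hermes package or from Regain), the following TypeScript sketch shows a boundary gate that validates a SupervisionRequest, refuses unknown fields, and records a VALIDATION_FAILED audit event without ever calling the evaluator. The field names, severity levels and function names are assumptions made for the example.

```typescript
// Added illustration: field names and severity levels are assumptions, not the Hermes schema.
type Verdict = "APPROVED" | "HARD_STOP" | "ROUTE_TO_CLINICIAN" | "REQUEST_MORE_INFO";
type AuditType = "SUPERVISION_REQUESTED" | "SUPERVISION_RECEIVED" | "VALIDATION_FAILED";
interface AuditEvent { type: AuditType; traceId: string; detail: string }
interface Intervention { type: string; severity: string; clinicalDomain: string }
interface SupervisionRequest { traceId: string; subjectId: string; intervention: Intervention; contextRefs: string[] }
const FIELDS = ["traceId", "subjectId", "intervention", "contextRefs"];
const KINDS = ["medication", "diagnosis", "triage"];
const SEVERITIES = ["low", "moderate", "high"]; // assumed levels
const isStr = (v: unknown): v is string => typeof v === "string" && v.length > 0;
const oneOf = (v: unknown, set: string[]): boolean => typeof v === "string" && set.indexOf(v) !== -1;
const isObj = (v: unknown): v is Record<string, unknown> => typeof v === "object" && v !== null && !Array.isArray(v);

// Returns the list of contract violations; an empty list means the message conforms.
function validateRequest(raw: unknown): string[] {
  if (!isObj(raw)) return ["request is not an object"];
  const errs: string[] = [];
  // Unknown fields are rejected so the contract stays the only channel into the supervisor.
  for (const k of Object.keys(raw)) if (FIELDS.indexOf(k) === -1) errs.push("unknown field: " + k);
  if (!isStr(raw["traceId"])) errs.push("traceId missing");
  if (!isStr(raw["subjectId"])) errs.push("subjectId missing");
  const iv = raw["intervention"];
  if (!isObj(iv)) errs.push("intervention missing");
  else {
    if (!oneOf(iv["type"], KINDS)) errs.push("intervention.type invalid");
    if (!oneOf(iv["severity"], SEVERITIES)) errs.push("intervention.severity invalid");
    if (!isStr(iv["clinicalDomain"])) errs.push("intervention.clinicalDomain missing");
  }
  const refs = raw["contextRefs"];
  if (!Array.isArray(refs) || !refs.every(isStr)) errs.push("contextRefs invalid");
  return errs;
}

// Boundary gate: the evaluator runs only for conforming messages, and every outcome is audited.
function supervise(raw: unknown, evaluate: (r: SupervisionRequest) => Verdict, audit: AuditEvent[]):
    { accepted: boolean; verdict?: Verdict; errors: string[] } {
  const errors = validateRequest(raw);
  const t = isObj(raw) ? raw["traceId"] : undefined;
  const traceId = isStr(t) ? t : "unknown";
  if (errors.length > 0) {
    audit.push({ type: "VALIDATION_FAILED", traceId, detail: errors.join("; ") });
    return { accepted: false, errors };
  }
  audit.push({ type: "SUPERVISION_REQUESTED", traceId, detail: "conforming request" });
  const verdict = evaluate(raw as SupervisionRequest);
  audit.push({ type: "SUPERVISION_RECEIVED", traceId, detail: verdict });
  return { accepted: true, verdict, errors };
}
```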

Audit Trail Capabilities

Every decision Popper makes is recorded with full traceability. The audit system is designed for both real-time monitoring and retrospective regulatory review.

Audit Architecture Detail (Immutable)

Capability | Implementation | Governance Relevance
Trace-Linked Events | Every supervision request/response pair shares a trace ID, linking the full decision chain | Category 3: Override tracking with rationale
PHI Redaction | Audit emitter strips protected health information before storage | HIPAA compliance for audit data
TimescaleDB Hypertable | Time-series optimized storage for high-volume audit events | Category 4: Performance monitoring at scale
Drift Detection | Baselines and thresholds surface anomalies; safe-mode provides documented response | Category 5: Bias monitoring, Category 8: Adverse event detection
Incident Tracking | Threshold breaches recorded with resolution status and timeline | Category 8: Adverse event reporting

Eight Governance Categories

The IAC AI accreditation framework defines eight governance categories. Popper directly addresses Categories 2, 3, and 4 as its core function. The remaining categories are supported through the broader Regain architecture.

# | Category | Phase | Regain Coverage
1 | Pre-Deployment Validation | Pre-Deployment | Deutsch: 68-vignette pre-clinical benchmark. Hermes: contract validation.
2 | Safety Supervision | In Operation | Popper core. Independent supervision with APPROVE/HARD_STOP/ROUTE verdicts.
3 | Override Tracking | In Operation | Popper core. Every clinician override recorded with structured rationale.
4 | Performance Monitoring | In Operation | Popper core. Drift detection, baselines, threshold enforcement.
5 | Bias Monitoring | In Operation | Popper drift signals can be disaggregated by demographic group.
6 | Multi-Vendor Governance | In Operation | Per-organization policy packs. Hermes contracts are vendor-agnostic.
7 | Clinician Training | Cross-Cutting | Audit data informs training programs. Training materials outside Popper scope.
8 | Adverse Event Reporting | Cross-Cutting | Incident tracking with threshold breaches and resolution timelines.
