Appearance
Overview
What this is
The Clinical Agent Runtime Control Platform (CARC) is a control-plane service that sits between a clinical AI agent and the workflow it's allowed to affect. A healthcare AI company runs its own model — however it likes, on whatever infrastructure it likes — and hands the finished output to the Runtime Control Engine. The engine evaluates that output against:
- Evidence — is every claim actually supported by a retrieved source?
- Configurable policies — deterministic, data-defined rules (e.g. "any medication recommendation requires human review")
- Runtime risk — a computed score derived from evidence and policy results
and returns one control decision: allow, require human review, or block. Every step is recorded on an immutable audit trail (the Decision Context Record) that can be fully replayed later.
What it does not do
- It does not generate clinical text. There is no LLM call inside the engine's control path. Your agent produces the output; the engine only evaluates it.
- It does not perform NLP or claim extraction. Agent output must arrive as structured data (
claims,medication_recommendations,narrative) — see External Agent Runs. - It does not integrate with a real EHR or FHIR system yet. All clinical context in this version is synthetic. See Security for the honest list of current limitations.
- It is not an authentication or authorization system yet. See Security before you build anything you intend to expose outside your own network.
Runtime control vs. model execution
| Model execution (your agent) | Runtime control (this platform) | |
|---|---|---|
| Produces clinical text | Yes | Never |
| Decides what to say | Yes | Never |
| Decides whether it's safe to act on | No | Yes — evidence + policy + risk evaluation |
| Owns the audit trail | No | Yes — immutable Decision Context Records |
| Requires clinical domain knowledge inside it | Yes (your model) | No — policies are deterministic and data-defined |
Agent-agnostic architecture
The engine has no built-in assumptions about which model, provider, or architecture produced an output. It is validated the same way regardless of origin:
- Internal runs — the engine's own shipped reference adapter (used for demos and the Web Control Console's Case Workspace)
- External runs — any third-party agent, submitted via
POST /runtime/agent-runs
Both paths go through the identical evidence/policy/risk pipeline. Nothing about the control decision changes based on who executed the agent — see External Agent Runs for the full integration contract.
Next
- Architecture — the object model and how the pieces fit together
- Core Concepts — Runtime Session, Agent Run, Decision Context Record explained
- Quickstart — run the whole lifecycle yourself