kolm compiles your clinical task into a signed local artifact: model, adapter, recipes, recall index, tests. Runs on a tablet, a laptop, or behind your firewall. kolm serve --mcp exposes it to the agents your clinicians already use. The frontier you bring is the teacher; the artifact is the binary; the data never leaves.
Every API call is a BAA-scoped event. Every prompt is potentially discoverable. Every outage is a clinical incident. The risk isn't theoretical, it's an audit row, every minute, on every tenant.
is a HIPAA-scoped event tracked in audit. kolm runs the inference on the device.
cloud latency on every chart line. kolm answers locally in 80 ms.
for frontier deprecations. kolm pins the model into the artifact for the life of the deployment.
The compile bridge runs inside your boundary. Nothing leaves except the artifact. The artifact is a single signed file. The signature is verifiable offline against the manifest hash chain.
Signed Business Associate Agreement, default-redacted logs, optional zero-retention compile. The compile pipeline never persists patient data.
Air-gap-friendly orchestrator that runs inside your network. The frontier teacher you bring is reachable through your existing egress proxy, nothing else.
Every output is reproducible. Every layer is content-addressed. Tampering with any layer breaks the chain. Useful at audit, defensible at deposition.
A 38 MB artifact running on a clinician's tablet. Indexes the patient's history locally; drafts the encounter note in the institution's voice; defers anything the verifier rejects to a human. Receipts mirror to the institution's audit log. No cloud calls during the visit.
Compile happens once per quarter against the institution's de-identified gold set. The artifact is signed, K-scored, and pushed to the MDM for distribution. Deployment is a single signed file, not a service.
De-identified note pairs from the institution's gold set. Held-out evaluation drawn separately and never seen at training.
Verifier synthesized from examples, k-sample teacher, LoRA distill, recipe extract, recall index, sign. K-score gate enforces ship floor.
Hold-out evaluation report goes to the clinical informatics committee. K-score breakdown is part of the artifact, defensible at audit.
Single signed file deploys via MDM. Runtime is offline. Receipts mirror to your audit log via HL7 or webhook on demand.
Honest table. Same one we publish on /security for everyone else.
BAA path on Enterprise tier. On-prem compile bridge keeps PHI inside your VPC.
Type I evidence available now. Quarterly evidence packets shipped to Pro and Enterprise.
Designed against high-risk Annex III obligations from day one. Per-artifact technical documentation by construction.
EU-resident compile region available on Pro and Enterprise. DPIA template provided. Right to erasure honored within 30 days.
Mail us with a one-line description of the task and the data sensitivity tier. We'll come back with a 30-minute call, a reference artifact, and a path to a signed pilot.