kolm
get started
health-insurance · templates · risk-adjustment-coder

Risk adjustment coding

A kolm template that extracts CMS-HCC codes from clinical progress notes with per-code confidence and source-span citations. PHI is redacted before any inference; the model never hallucinates a code without an in-note span; the receipt chain proves which sentence supported each code so a CMS RADV auditor can reconstruct the trail.

template id
risk-adjustment-coder
k-score gate
≥ 0.95
seed examples
12 anonymized
held-out eval
220 cases

Input & output spec

One note per request. The coder returns a list of HCC codes with confidence and the exact source span; codes without an in-note span are dropped, not hallucinated.

input

{
  "note_id":       "NOTE_2026_044519",
  "member_id":     "<redacted>",
  "visit_date":    "2026-05-09",
  "provider_npi":  "1234567893",
  "note_text":     "<PHI-bearing progress note>",
  "hcc_model_year":"2026"
}

output

{
  "hcc_codes": [
    {
      "code":        "HCC18",    // Diabetes w/o complication
      "icd10":       "E11.9",
      "confidence":  0.96,
      "source_span": "PMH: T2DM, on metformin, A1C 7.1"
    },
    {
      "code":        "HCC85",    // CHF
      "icd10":       "I50.9",
      "confidence":  0.91,
      "source_span": "EF 35% on echo 04/2026"
    }
  ],
  "redaction_count": 3
}

4-ring receipt schema

Every code extraction ships a receipt your RADV auditor can re-verify offline. The chain proves the input note, the HCC model version, the codes + source spans, and the seal.

ring 01 · pre-image
note_id + member_hash + visit_date
tenant-rotated HMAC
ring 02 · derived
hcc_model_year + icd10_dictionary_hash
model-version bound
ring 03 · execution
hcc_codes[] + source_spans + confidences
judge_id signed
ring 04 · seal
SHA-256(ring1..3) · verify endpoint
offline-verifiable

Verify command: kolm verify --hash <receipt_hash>. Runs locally against the seal, no network required.

BAA fast-track

Health plans on a BAA see kolm production-ready in two business days. The customer-hosted bridge runs in the tenant network boundary; PHI is processed there and never crosses our infrastructure; the audit log is yours to keep.

how it works

# 1. Sign the BAA (legal-team turnaround)
[ DocuSign · 48 hours typical · mutual NDA in same envelope ]

# 2. Provision the bridge in your VPC
$ kolm bridge install \
    --provider aws \
    --region us-east-1 \
    --baa <baa-id>

# 3. Compile this template against your coded notes
$ kolm compile --spec risk-adjustment-coder.spec.json \
    --examples ./your-coded-notes.jsonl \
    --gate 0.95 \
    --out hcc-coder.kolm

what we sign

- HIPAA Business Associate Agreement
- HIPAA Security Rule §164.308 (admin safeguards)
- HIPAA Security Rule §164.310 (physical safeguards)
- HIPAA Security Rule §164.312 (technical safeguards)
- Breach Notification §164.404
- Subcontractor flow-down (none — kolm holds no PHI)
- Audit-log retention (6 years, your S3 bucket)

Get the template

Two ways to take this live. Self-serve with the sample artifact, or kick off a BAA conversation if you need PHI day one.

Start with this template Talk to a human about BAA Download spec JSON

The spec is a portable JSON file. Drop it into kolm compile --spec with your anonymized seed examples to build a private .kolm tagged LicenseRef-kolm-default-1.0 by default; pass --license to tag it differently.

Five more templates for health plans

01 · template
claims-adjudication
02 · template
prior-auth-review
03 · template
fraud-detector
04 · template
member-support-triage
06 · template
provider-credentialing
index
all health-insurance