QMS Nordic · AI System Card
QMS Nordic QMS — AI Assistance Disclosure
QMS Nordic embeds AI-assisted drafting, suggestion, and retrieval features into the QMS workflow. This page describes what the AI does, what it does not do, the foundation models it relies on, the safeguards in place, and your rights as a user. It is published in accordance with EU AI Act Articles 11, 13, and 50.
1 · Intended purpose
QMS Nordic's AI assists humans in drafting regulatory documentation — risk-management plans, clinical evaluation reports, post-market surveillance plans, software development plans, and similar QMS artefacts — by producing draft text grounded in a maintained registry of regulatory clause citations (ISO 14971, EU MDR/IVDR, 21 CFR §820, IEC 62304, IEC 62366-1, MDCG guidance, etc.).
It also performs ancillary tasks: explanation of regulatory concepts, root-cause and hazard suggestion in CAPA / risk flows, and helpdesk reply suggestions.
2 · Out-of-scope uses
- QMS Nordic AI is not a substitute for a Notified Body, a regulatory consultant, or an internal subject-matter expert.
- AI-generated text must be human-verified before any document leaves DRAFT state — this is enforced by the platform and cannot be bypassed by the document author.
- QMS Nordic AI does not make clinical decisions, does not generate patient-facing diagnoses, and does not autonomously approve documents.
3 · Foundation models and providers
- Anthropic Claude (Sonnet 4.6) — primary drafting model. Anthropic is listed as a sub-processor on our sub-processor page. Customer documents are NOT used to train Anthropic models — this is contractually enforced via our zero-retention deployment configuration.
- OpenAI text-embedding-3-small — used for retrieval (RAG) over your tenant's own documents. Embeddings are tenant-scoped; no cross-tenant retrieval is possible.
4 · Accuracy expectations and limitations
Foundation models can produce incorrect, outdated, or inappropriate text. Specifically, QMS Nordic AI may:
- Hallucinate clause numbers, statistics, or device characteristics — which is why every claim must be human-verified against the provided citation registry.
- Lag behind very recent regulatory updates (training-data cutoff plus our deployment lag — typically 0–6 months).
- Produce drafts that read as confident but miss tenant-specific context the model wasn't given.
For these reasons, the verification gate (see Section 6) is mandatory.
5 · Logging and record-keeping (Article 12)
Every AI inference creates an immutable record:
- SHA-256 hash of the prompt and output (raw text never persisted)
- Model id, token counts, retrieved-chunk ids, timestamp, user id
- An AI_DRAFT_GENERATED / AI_POPULATED entry in the hash-chained audit log
Logs are retained for the tenant lifetime (well beyond the 6-month minimum). Tenants can query their own logs via /audit.
6 · Human oversight (Article 14)
AI-populated documents enter a structured verification flow at /documents/[id]/verify. Each section starts in the ai-generated state and only counts toward release once a verifier signs it off. The author of the AI populate run cannot self-verify; verification requires a separate person. Editing a section resets it to the edited state, requiring re-verification.
Documents with unverified sections cannot transition out of DRAFT. This is enforced server-side and audit-logged.
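The record-keeping in Section 5 and the verification gate in this section, as an added illustrative example (not QMS Nordic's own code): a hash-chained log that stores only SHA-256 digests of prompt and output, a sign-off that refuses the populate-run author as verifier, an edit that resets the section, and the release check. The SECTION_VERIFIED event name, the section state names and the sample ids are assumptions.

```python
import hashlib
import json
GENESIS = "0" * 64  # prev_hash of the very first entry (constructed convention)

def sha256_hex(text: str) -> str:
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

class AuditLog:
    """Append-only, hash-chained log: every entry commits to the previous entry's hash."""
    def __init__(self) -> None:
        self.entries: list[dict] = []
    def append(self, event: str, **fields) -> dict:
        prev = self.entries[-1]["entry_hash"] if self.entries else GENESIS
        body = {"event": event, "prev_hash": prev, **fields}
        body["entry_hash"] = sha256_hex(json.dumps(body, sort_keys=True))
        self.entries.append(body)
        return body
    def verify_chain(self) -> bool:
        """Recompute each hash and link; False if any entry was altered, removed or reordered."""
        prev = GENESIS
        for e in self.entries:
            body = {k: v for k, v in e.items() if k != "entry_hash"}
            if e["prev_hash"] != prev or sha256_hex(json.dumps(body, sort_keys=True)) != e["entry_hash"]:
                return False
            prev = e["entry_hash"]
        return True

def record_ai_draft(log: AuditLog, *, user_id: str, model_id: str, prompt: str,
                    output: str, chunk_ids: list[str], ts: str) -> dict:
    """Log one inference: only SHA-256 of prompt and output is persisted, never the raw text."""
    log.append("AI_DRAFT_GENERATED", user_id=user_id, model_id=model_id, timestamp=ts,
               prompt_hash=sha256_hex(prompt), output_hash=sha256_hex(output),
               retrieved_chunk_ids=chunk_ids)
    return {"status": "ai-generated", "author_id": user_id, "verifier_id": None}

def verify_section(section: dict, verifier_id: str, log: AuditLog, ts: str) -> dict:
    """Sign-off gate: the author of the populate run cannot self-verify."""
    if verifier_id == section["author_id"]:
        raise PermissionError("author of the AI populate run cannot self-verify")
    section.update(status="verified", verifier_id=verifier_id)
    log.append("SECTION_VERIFIED", verifier_id=verifier_id, timestamp=ts)  # event name assumed
    return section

def edit_section(section: dict) -> dict:
    """A human edit invalidates any prior sign-off; the section must be re-verified."""
    section.update(status="edited", verifier_id=None)
    return section

def can_leave_draft(sections: list[dict]) -> bool:
    """Server-side release check: any unverified section keeps the document in DRAFT."""
    return all(s["status"] == "verified" for s in sections)
```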
7 · Marking AI-generated content (Article 50)
AI-generated content is marked with a dedicated icon throughout the UI. Each AI-populated document carries an aiProvenance JSON record listing the model id, prompt/output hashes, verification status per section, and verifier identities — preserved across human edits. A machine-readable X-AI-Generated header is set on downloads of any AI-touched artefact.
8 · Cybersecurity and accuracy controls (Article 15)
- TLS 1.3 in transit; AES-256 at rest (managed by Neon)
- Per-tenant FORCE RLS in Postgres — cross-tenant data leakage prevented at the database layer
- Sentry runtime monitoring with PII scrubbing for anomaly detection
- Per-tenant AI budget caps — protect against runaway costs and rate-limit attacks
- Regression test suite against a curated benchmark of reference QMS documents (extending coverage in 2026)
9 · Reporting an AI incident
If QMS Nordic's AI output causes harm, a near-miss, or a serious accuracy failure: file a complaint via /complaints with source AI_INCIDENT. We will investigate via the standard CAPA flow and, where required, notify market surveillance authorities under Article 73.
10 · Versioning
This system card is versioned in source control alongside the QMS Nordic codebase. The current revision corresponds to the deployment fingerprint shown on the status page. Material changes are announced via /legal/sub-processors and to admins of affected tenants by email.
Last reviewed: April 2026 · Maintained by QMS Nordic Compliance