AISS · HEALTHCARE BUNDLE
AI Security for Clinical AI
AISS applied to healthcare-specific threat surface, control mapping, and cyber-insurance underwriting reality. The open standard, made concrete for HIPAA-regulated AI.
Healthcare AI is a Distinct Discipline
A generic AI security framework treats the LLM in an EHR scribe the same as the LLM in an HR chatbot. Healthcare AI is not the same. PHI is on every inference call. Hallucinations cause malpractice exposure. RAG over clinical guidelines is a regulated decision-support context under FDA Software-as-a-Medical-Device criteria. Cyber insurers have started writing AI exclusions and healthcare-specific AI sub-limits.
The AISS Healthcare bundle is three concrete artifacts that work together: the curated threat profile that shows what adversaries actually do against clinical AI, the carrier crosswalk that translates AISS evidence into the cyber-insurance underwriting language, and the AISS sub-controls themselves — the open methodology auditors can verify your scoring against without calling Ayliea.
WHAT'S IN THE BUNDLE
Three Artifacts, One Auditable Story
Healthcare AI Threat Profile
10 MITRE ATLAS techniques curated against the clinical-AI threat surface — PHI exfiltration, training-data poisoning, hallucinated diagnoses, agentic prescription-tool compromise — each mapped to the AISS sub-controls that mitigate it.
Cyber-Insurance Underwriting Crosswalk
AISS controls mapped to the typical cyber-insurance underwriting questions carriers ask of healthcare orgs adopting AI in 2025-2026. Submit one auditable artifact when answering the AI section of a cyber application.
AISS Spec & 10 Control Domains
The open standard underlying every assessment. 10 domains, 56 sub-controls, 9 framework crosswalks (NIST AI RMF, NIST CSF, ISO 27001, OWASP LLM Top 10, MITRE ATLAS, EU AI Act, Colorado AI Act). CC-BY-4.0.
PRIORITY CONTROLS
AISS Sub-Controls That Matter Most for Healthcare AI
The full AISS standard has 56 sub-controls. These eight are the ones healthcare AI deployments fail most often — and the ones cyber-insurance carriers ask about most directly in the AI section of their applications.
PHI in AI inference paths
Prevent PHI from flowing to AI tools without a BAA. Failure here is a HIPAA breach with notification obligations.
Minimum-necessary at the model layer
Apply HIPAA's minimum-necessary rule to AI prompts and outputs, not just the surrounding application.
Clinical RAG source integrity
Validate the integrity of clinical guidelines, formularies, and case-law sources that feed retrieval-augmented generation.
AI vendor BAAs + AI-specific contract terms
BAAs are necessary but not sufficient. Healthcare AI vendor contracts need AI-specific training-data, output-indemnity, and model-change-notification terms.
Output validation before clinical action
Hallucinated guidance acted on by clinicians creates documented chains of harm. AC-6.1 mandates the review controls.
Synthetic content provenance
Patient-facing AI outputs must be identifiable as AI-generated. EU AI Act Article 50 binding from 2026-08-02; FTC and state regulators increasingly aligned.
Breach notification on AI-mediated disclosures
HIPAA breach notification timelines apply to AI-mediated PHI disclosures. The IR procedure must cover prompt-injection successes and model-output leakage.
Agentic AI action authorization
Agentic clinical assistants (EHR query, lab order, prescription) need authorization guardrails. Compromised credentials in agent configuration are documented attack outcomes.
View all 56 sub-controls in the AISS spec on GitHub.
OPEN GOVERNANCE
A standard your auditor can verify, your insurer can recognize, and your team can propose changes to
Every AISS sub-control, scoring rule, and crosswalk in this bundle is published under CC-BY-4.0 at github.com/Ayliea/aiss. Hospitals, health systems, and clinical-AI vendors are invited to propose improvements via the public RFC process — particularly around edge cases the controls do not yet cover.
Run an AISS Healthcare assessment
Score your clinical AI surface against the AISS Healthcare priority sub-controls. Receive an auditable derivation, ATLAS-mapped threat coverage, and a carrier-ready summary you can submit with your next cyber-insurance renewal.