Plain-language summary↑
This page explains how Dr Sophia AI Pty Ltd governs its artificial intelligence and the data that intelligence touches. It is written for the people who will need to defend a technology decision later: heads of clinical governance, chief information officers, medical directors, and their advisers.
You should take three things from it. First, the platform is clinician-led. It structures clinical decisions and carries the evidence; it does not make decisions on its own. A named clinician reviews every recommendation, signs off on it, and can override it at any time. Second, every recommendation is traceable. You can see which guideline was applied, how consensus was reached, where the reasoning agents disagreed, and who made the final decision. Third, we claim only what we can evidence. Where a registration is held, we name it: Rose AI Clinician is a registered SaMD (Class I). Where we have designed against a framework but are not yet accredited, we say exactly that.
This page is a summary of posture, not the evidence itself. Procurement-grade artefacts, including framework matrices and sample audit packs, are available through our Governance and Security page. If you need a claim substantiated, write to [email protected].
1. Our posture: clinician-led clinical AI↑
Dr Sophia AI is structured clinical intelligence with a governance backbone. The platform's four modules (Sophia Core, Sophia Decision, Sophia Assist, and Sophia Guard) share one operating posture, stated here in full:
Dr Sophia AI operates in a clinician-led workflow.
The platform structures clinical assessments, matches recommendations to source guidelines, and carries the audit trail through the consultation and beyond. It supports clinical decisions. It does not make them.
1.1 What the platform does not do
The platform explicitly does not, and is not designed to:
- provide autonomous medical advice
- make a diagnosis without clinician review
- prescribe independently
- deliver treatment
- establish a clinician-patient relationship
- replace clinical judgement
Under this posture, every platform output is a recommendation until a qualified clinician makes it a decision. That boundary is not a caveat added at the end of the design. It is the design.
2. How decisions are governed: multi-agent consensus, clinician sign-off↑
No single model produces a recommendation on this platform. Sophia Core runs 42 clinical reasoning agents that assess each case independently. Their assessments are resolved through Byzantine consensus, a method built to produce a reliable collective result even when individual agents fail or err, and a recommendation is put forward only when it clears a five-of-seven (5/7) agreement threshold. The agents operate as proprietary agentic teams, so no single failure mode or bias can silently shape clinical output.
2.1 Dissent is recorded, never hidden
Where the reasoning agents disagree, the disagreement is written into the decision record. Dissenting assessments are preserved alongside the consensus view, so the reviewing clinician sees the full picture, including the uncertainty. We treat recorded dissent as a safety feature, not a flaw to smooth over.
2.2 A clinician signs off on every recommendation
Consensus among machines is not a clinical decision. Every recommendation is presented to a named clinician for review, and it is the clinician's acceptance, amendment, or rejection that turns a recommendation into a decision. The clinician's sign-off, and their name, form part of the permanent record described in clause 3.
3. Decision provenance and audit trail↑
Every recommendation the platform produces carries its own provenance record:
- the source guideline or evidence base the recommendation drew on
- the reasoning behind the recommendation, with confidence scores and evidence links
- the consensus record, including any recorded dissent
- the named clinician's decision: acceptance, amendment, or override, with the stated reason
The audit trail is anchored on Hedera Hashgraph, a public distributed ledger. Anchoring writes a cryptographic fingerprint of each record to a ledger outside our own infrastructure, which makes the trail tamper-evident: it cannot be quietly edited after the event, by us or by anyone else.
Audit packs are exportable. A clinical governance committee, an external auditor, an insurer, or, where required, a tribunal can be given a structured export of the decision trail in a form that can be read outside the platform. Any such export is produced and disclosed within the patient consent and privacy framework described in clause 6.
4. Regulatory position: registrations, frameworks, and qualifiers↑
We describe our regulatory position in two lanes, because that is what it is.
| Lane | Identity | Regulatory status |
|---|---|---|
| Registered clinical identity | Rose AI Clinician | Registered Software as a Medical Device (SaMD), Class I |
| Platform | Dr Sophia AI | Not a registered medical device. Designed against the Australian SaMD framework. A Class III SaMD pathway is in progress; no regulatory approval is claimed, and none should be inferred; additional jurisdictions are under application, including the US FDA |
Rose AI Clinician is the registered identity. Dr Sophia AI is the platform brand and is not itself a registered medical device. Wherever this website refers to SaMD registration, it refers to Rose AI Clinician. Additional jurisdictions are under application, including the US FDA.
4.1 Frameworks and standards: our exact position
We use exact qualifiers, and we hold ourselves to them. "Designed against, not yet accredited" means the platform's architecture and processes are built to the standard's requirements, and independent accreditation has not yet been completed. We assert compliance only with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.
| Framework or standard | Our position |
|---|---|
| Privacy Act 1988 (Cth) and Australian Privacy Principles | Compliant |
| ISO 9001 | Certified at group level, held by Botaniqal and Limited Edition Labs |
| ISO 27001 | Designed against, not yet accredited |
| ISO 42001 | Designed against, not yet accredited |
| IEC 62304 | Designed against, not yet accredited |
| ISO 14971 | Designed against, not yet accredited |
| SOC 2 | Designed against, not yet accredited |
| HIPAA | Designed against, not yet accredited |
| GDPR | Designed against, not yet accredited |
| AHPRA and RACGP positions on human review of AI | Aligned with the requirements and principles |
HIPAA and GDPR are listed for international buyers; they govern United States and European personal data respectively, and our design work against them is not an accreditation or a compliance status. We do not display certification marks we do not hold, and we do not use the word "certified" for anything other than the group-level ISO 9001 certification named above.
5. Data stewardship: residency, encryption, and access control↑
Customer clinical data is hosted in Australia (AWS Sovereign Cloud, AU-East). Clinical data does not leave Australia.
| Control area | In place today |
|---|---|
| Data residency | Customer clinical data hosted in Australia (AWS Sovereign Cloud, AU-East); clinical data does not leave Australia |
| Encryption | AES-256 in transit and at rest |
| Identity | Single sign-on (SAML and OIDC) |
| Access | Role-based access control (RBAC), mapped to clinician role |
| Interoperability | HL7 FHIR integration for health-system data exchange |
Population analytics exist only at system level and only on de-identified data. Retention and deletion periods for clinical records are aligned to national legislative requirements and are set out in customer agreements and our Privacy Policy.
This statement covers clinical platform data. What we collect from visitors to this website, including analytics cookies, is separately described in our Privacy Policy.
6. Patient privacy and consent↑
Patient personal and health information processed through the platform is handled on behalf of the healthcare organisation that deploys it, under a signed customer agreement. That organisation is the custodian of the clinical record. It is responsible for obtaining and managing patient consent, and for meeting its obligations under the Privacy Act 1988 (Cth), the Australian Privacy Principles, and the applicable state and territory health-records legislation.
Dr Sophia AI processes clinical data only to provide the platform's decision-support functions under that agreement. It is not used for any secondary purpose, and it is not used to train models. Any audit export of a decision trail, including the exports described in clause 3, is produced and disclosed within that same consent and privacy framework, and it remains subject to the customer organisation's obligations to the patient.
Information collected from visitors to this website is separate, and is described in our Privacy Policy.
7. Human oversight and accountability↑
The named clinician is the author of record for every clinical decision made with the platform. The audit trail is built around that authorship: the clinician's name appears in the decision record, and the explainability output is written so a reviewer can see who decided, on what evidence, and why.
Override is always available. A clinician can amend or reject any recommendation at any point in the workflow. Every override is logged with the clinician's stated reason and becomes part of the anchored audit trail. An override is the platform working as intended, and it is recorded as such.
Platform behaviour, overrides, and incidents are subject to a standing internal governance review.
8. Model and agent governance↑
The platform is built on proprietary agentic teams. Clinical reasoning is resolved as a quorum across those teams, so platform behaviour is never hostage to a single failure mode. Team diversity is a governance control, not an implementation detail.
No model, and no model update, reaches clinical use without evaluation. Models are assessed against defined clinical safety and performance criteria before deployment, and changes to the model estate are handled as controlled changes. We publish performance figures only alongside the methodology that produced them.
9. Questions and contact↑
This statement is a public description of governance posture. It is not a contract. Customer use of the Dr Sophia AI platform and of Rose AI Clinician is governed by separate signed customer agreements, use of this website is governed by our Terms of Use, and personal information handling is described in our Privacy Policy.
- Governance, legal, and privacy questions, including anything about clinical data handling: [email protected]
- General enquiries: [email protected]
We aim to acknowledge enquiries within one business day. Procurement-grade evidence, including framework matrices, sample audit artefacts, and architecture briefs, is available on our Governance and Security page.
This statement is issued by Dr Sophia AI Pty Ltd, ACN 675 911 010, registered address Regus Suite 118, 121 King William Street, Adelaide CBD, SA 5000.