Hydrog7n
Risk Classification & Governance Suite
← Course Map Governance Framework
L1 · Routine
L2 · Operational
L3 · Clinical
L4 · High-Stakes

Risk Classification

Calibrated to NIST AI RMF, FDA SaMD, ISO/IEC 42001:2023, OECD AI Principles

Quick classifier

Does this AI system directly access or process individually identifiable PHI?

Suggested classification

Governance Framework

A proprietary 7-tier governance framework mapped to NIST AI RMF, ISO/IEC 42001:2023, and the OECD AI Principles

NIST RMF
ISO 42001
OECD
IBM Auto Gov
HIPAA / FDA
Badges show requirement for selected risk level

Saved Assessments

0
No assessments yet. Use "+ New Use Case" to classify and save a use case.
New Use Case Assessment
Step-by-step risk classification
What is the use case?
Name it and identify the department or service line deploying it.
Does this system access or process patient health information (PHI)?
PHI includes any individually identifiable health data: names, MRNs, diagnoses, test results, images.
How does the AI output reach clinical care?
Think about the path from AI output to patient: is there a human who must actively confirm before action?
What is the likely consequence of a system error?
Consider worst-case failure: false positive acted on, missed finding, or erroneous autonomous action.
Key governance requirements at this level