Industry 03Healthcare
Hikari Blue operates in healthcare where the regulatory framework is non-negotiable and the failure mode is patient harm. HIPAA, MDR, FDA software guidance, EU AI Act: engineered into the architecture, not retrofitted before the audit.
What makes this sector hard
Five structural pressures shape every engagement we accept in healthcare. They are why most enterprise platforms fail on the first regulator inspection.
The two regimes have different evidence formats, retention rules and audit cadence. The platform must answer both from one architecture, not from two parallel compliance teams.
Every prediction, recommendation or triage suggestion that touches a clinician must be traceable, explainable, retirable. The EU AI Act puts most clinical AI in the high-risk band by default.
Hospital networks do not stop. The platform must integrate with EHR, PACS, LIS, departmental systems, and the clinician must not feel the integration. Adoption fails on friction, not on features.
National health data rules vary widely: France HDS, Germany BSI C5, UK NHS DSP, US state-by-state. The architecture must respect the strictest, not the average.
MedTech products live ten to fifteen years in clinical use. Every substantive change requires re-validation, re-submission, re-audit. The platform must let you ship change at the cost of process, not at the cost of risk.
How we operate here
Four engagement types we accept in healthcare. Each carries patient data sovereignty and audit posture as a design property.
Eight to sixteen weeks. We design the data layer, evidence chain and access trails so both regimes can be defended from one platform, with one audit pipeline.
Signed by Xavier de MaillardSix to twelve weeks. Model registry, evaluation pipeline, drift monitoring, audit trail for AI-assisted clinical decisions. EU AI Act-defensible from day one.
Signed by Xavier de MaillardTwelve to twenty-four weeks. Integration with EHR, PACS, LIS and departmental systems under live operating conditions, with clinician adoption measured, not assumed.
Signed by Rémi ClaverieSix to twelve weeks. Residency architecture honoring the strictest national rule on the workload, with defined transfer mechanisms and clean separation from non-PHI workloads.
Signed by Gilles MischlerSolutions mobilized here
Clinical AI with model registry, evaluation pipeline, kill switch by architecture.
MedTech and hospital platforms engineered for HIPAA and MDR from the architecture.
Delivery posture defensible to internal audit, FDA software guidance, EU MDR.
Continuous operations with audit-ready evidence, on a clinical reliability standard.
Bring the patient-data question
Thirty minutes with a senior partner. We listen to your HIPAA / MDR perimeter, your clinical AI exposure, and we tell you what we would harden first, and what is already healthy.