Bounded AI Adoption for Health Services.

From blanket prohibition to controlled, evidenced use.

No real customer data, live patient records or clinical decisions are involved in the first phase.

A blanket AI ban is understandable. It is not a long-term operating model.

The problem is not simply whether AI can produce useful output. The problem is whether an organisation can show what use is permitted, what information may be used, who may approve an output, and what evidence proves the decision afterwards.

Without that control, leaders face an unacceptable choice: block AI entirely, or allow it to spread without a defensible operating boundary.

We do not set the rules. We make sure you can play by them.

KATLAS is not a standards consultancy, data-science practice or generic AI-governance dashboard.

The organisation defines its own policies, thresholds and accountabilities. KATLAS/Cierge turns those decisions into a governed operating workflow at the point of request, review, action and handoff.

AI may assist. Authorised people decide. KATLAS proves the governed action.

DevOps made software delivery repeatable. CAROps makes AI-enabled action governable.

DevOps improved the discipline of building and releasing software.

CAROps applies the same operational discipline to AI-enabled work: clear boundaries, accountable roles, controlled handoffs and evidence that the agreed process was followed.

The organisation owns the rules. KATLAS operationalises them.

Start where a leader can safely say yes.

The first phase is deliberately small. It does not ask a health-services organisation to introduce AI into patient care, replace incumbent systems or expose sensitive records.

It proves one permitted, bounded use of AI for one nominated team.

One bounded request. One controlled outcome. One evidence trail.

1. Step 01
   Permitted task selected
   A staff member selects an agreed purpose and task type.
2. Step 02
   Policy boundary checked
   The request is allowed, routed for review or refused according to the organisation's rules.
3. Step 03
   Approved material referenced
   Only permitted content categories or source references are used.
4. Step 04
   AI drafts or supports
   The tool assists within the agreed boundary.
5. Step 05
   Authorised human review
   A nominated role approves, rejects or returns the output for revision.
6. Step 06
   Controlled use or escalation
   The approved output is used only in its permitted context, or escalated for exception handling.
7. Step 07
   Governed receipt recorded
   The organisation can show what happened, under whose authority and with what outcome.

This demonstrates governed operational control. It does not expose prompts, raw private evidence, personal data, credentials or hidden system content.

The organisation can permit selected AI use without surrendering control.

• 01A named task moves from blanket prohibition to permitted use under written bounds
• 02Every output remains draft-only until an authorised human approves it
• 03No live patient-identifiable data is used in the first phase
• 04Leaders can see what was permitted, refused, escalated and approved
• 05The sponsor receives a board- and CISO-ready evidence pack recommending which use cases can be enabled next

“We have not simply opened the door to AI. We have established the conditions under which it may be used.”

A small first adopter. A repeatable governed-workflow business.

The first engagement is deliberately bounded. The scalable product is the reusable CAROps pattern — policy controls, role boundaries, evidence custody and receipt infrastructure — configured for further teams, tools, workflows and counterparties without rebuilding the governance model from scratch.

1. Stage 01
   Bounded AI Readiness
   10–15 working days

   Define the first permitted use case, accountable roles, evidence boundary, policy assumptions and pilot success measures.

   Indicative commercial range: £10k–£15k
2. Stage 02
   Bounded AI Adoption Pilot
   6–8 weeks

   Run one controlled task family for one nominated team, with human approval and governed evidence.

   Indicative commercial range: £25k–£40k
3. Stage 03
   Operational Governance Deployment
   3–6 months

   Add approved internal sources, live operating roles, selected integrations and management evidence across further use cases.

   Indicative commercial range: £75k–£150k
4. Stage 04
   Governed Role Network
   Annual KATLAS/Cierge licence

   Extend the same governance pattern across teams, workflows, services and eventually counterparties.

   Indicative annual licence: from £60k+, plus scoped implementation and support

Land with a bounded sponsor problem. Expand through adjacent workflows. Scale through repeatable governance and selected delivery partners.

This is not bespoke health software. The client-specific boundary is configured at the edge; the CAROps operating model is the reusable product.

The first pilot is not the whole opportunity. It is the credible way into it.

Once one use case has been governed successfully, the same operating model can be extended to further AI tools, teams, evidence sources and organisational handoffs.

The route is not “pilot theatre”. It is a structured progression from one bounded decision to a governed network of accountable roles.

• More permitted AI uses
• More operational teams
• More governed evidence sources
• More accountable reviewers and decision rights
• More repeatable workflow packs
• Potential managed-service and systems-integrator delivery routes

The same discipline becomes more consequential in health.

The first-adopter route begins with non-clinical staff AI use because it is the safest place to establish controlled adoption.

The same Custody, Authority and Receipts pattern can later support more complex health-service coordination — where AI assists, authorised health roles decide, and governed outcomes can be evidenced without centralising sensitive information.