Question 1

Is it HIPAA compliant to use AI for nursing notes?

Accepted Answer

Using AI for nursing notes is HIPAA compliant only when the model provider is covered by a Business Associate Agreement (BAA), Protected Health Information (PHI) is encrypted in transit and at rest, every access is auditable, and a licensed clinician verifies and signs the output. Consumer ChatGPT does not meet this bar; enterprise AI behind a BAA can. Project Nightingale is built around that standard: PHI is redacted client-side, the model swap to a BAA-covered endpoint (Azure OpenAI / AWS Bedrock) is on the roadmap, and every signed chart carries a SHA-256 audit hash bound to a Nursys-verified RN license.

Question 2

What is an AI charting assistant for nurses?

Accepted Answer

An AI charting assistant for nurses is software that drafts clinical documentation — SBAR handoffs, narrative notes, focus charting, discharge summaries — from a nurse's raw shift context, then waits for the nurse to verify, edit, and sign before anything is recorded. The nurse remains the author of record. Project Nightingale is the Bring-Your-Own-License variant: the nurse links a verified RN license, the AI drafts, the nurse signs, and a cryptographic audit trail proves the human was in the loop.

Question 3

How is Project Nightingale different from ChatGPT?

Accepted Answer

ChatGPT is a general-purpose chatbot with no clinical context, no PHI redaction, no license verification, no audit trail, and no BAA on the consumer tier — which is why hospital IT departments correctly ban it. Project Nightingale is a clinical workflow: PHI is scrubbed before any network call, the model output is presented in a diff view, and signing requires a Nursys-verified RN license. We store the signed hash, not the chart.

Question 4

Does the nurse or the AI take legal responsibility for the chart?

Accepted Answer

The nurse does. Nothing is finalized until the licensed RN reviews the diff, attests to the content, and signs. The signing ceremony binds the final text, the nurse's verified license number, the timestamp, and the IP into a SHA-256 hash recorded in an append-only audit log. The AI is a drafting tool; the nurse is the author and the legal signatory.

Question 5

What data leaves my device when I use Project Nightingale?

Accepted Answer

Only the redacted clinical context leaves the device. The PHI redactor runs in the browser before any fetch call. Raw input text is discarded server-side after the AI draft is returned; only the signed hash and audit metadata persist. Clipboard, dictation buffers, and patient identifiers are never transmitted.

Question 6

Is Project Nightingale approved for use with real patient data today?

Accepted Answer

No — and we say so on every page. The current build is a security-first prototype with a site-wide synthetic-data-only policy. Real PHI ingestion unlocks when the BAA-covered LLM endpoint, real Nursys integration, and SOC 2 Type I controls ship. The honest roadmap lives at /for-it and /security.

Nurses are drowning in paperwork.
IT keeps banning the cure.

2 hours / shift lost

Hospital IT says no

BYOL changes the math

How does it work? The Centaur loop.

Capture

Synthesize

Verify

Sign & Audit

Frequently asked questions

Ready to take 2 hours back?

Nurses are drowning in paperwork.IT keeps banning the cure.