Inferensys

Glossary

SaMD Audit Trail

A secure, chronological record of all inputs, outputs, and explanations generated by a Software as a Medical Device, designed to support post-market surveillance, regulatory review, and forensic analysis of clinical AI decisions.
Auditor reviewing AI-generated audit trail on laptop, blockchain-like immutable records visible, home office evening.
REGULATORY RECORD-KEEPING

What is SaMD Audit Trail?

A secure, chronological record of all inputs, outputs, and explanations generated by a Software as a Medical Device, designed to support post-market surveillance, regulatory review, and forensic analysis of clinical AI decisions.

A SaMD Audit Trail is a secure, tamper-evident, and chronologically sequenced record that captures every clinically significant event within a Software as a Medical Device's lifecycle. This includes the specific input data (e.g., a DICOM image), the model's raw output, any generated saliency map or explanation, the software version, and the user's final action. Its primary purpose is to provide a complete, reproducible history for post-market surveillance and adverse event investigation.

Under regulations like FDA 21 CFR Part 11 and EU MDR Annex II, a robust audit trail is mandatory for demonstrating accountability. It must log who accessed the system, what data was processed, and why a specific diagnostic suggestion was made, often by linking to a feature attribution method's output. This immutable record is critical for forensic analysis, enabling manufacturers to trace an incorrect diagnosis back to a specific model version, a corrupted input, or an overridden clinical decision.

REGULATORY DATA INTEGRITY

Core Characteristics of an SaMD Audit Trail

A secure, chronological record of all inputs, outputs, and explanations generated by a Software as a Medical Device, designed to support post-market surveillance, regulatory review, and forensic analysis of clinical AI decisions.

01

Tamper-Proof Immutability

The audit trail must be cryptographically secured to prevent post-hoc modification or deletion. Once a clinical AI decision is logged, the record becomes append-only and immutable.

  • Uses hash chaining to link sequential records, where each entry contains the hash of the previous entry
  • Employs digital signatures to verify the identity of the system component that generated each log entry
  • Implements write-once-read-many (WORM) storage policies at the infrastructure level
  • Any alteration attempt must generate an immediate alert and leave a forensic trace
  • Critical for demonstrating data integrity during FDA inspections and ISO 13485 audits
ISO 13485
Quality Standard
21 CFR Part 11
FDA Regulation
02

Complete Decision Provenance

Every clinical output must be traceable back through the entire inference pipeline to its originating inputs, model version, and explanation artifacts.

  • Records the exact input data including DICOM headers, pixel data hashes, and preprocessing parameters
  • Logs the model identifier, version, and checksum of the deployed neural network weights
  • Captures all intermediate representations including feature vectors and attention maps
  • Associates each prediction with its corresponding saliency map or feature attribution output
  • Enables retrospective analysis: 'Why did the model flag this region as malignant on this specific study?'
Full Traceability
Input to Output
03

Synchronized Timestamping

All events across distributed diagnostic system components must be recorded with precise, synchronized timestamps to reconstruct the exact sequence of clinical decision-making.

  • Uses Network Time Protocol (NTP) or Precision Time Protocol (PTP) to synchronize clocks across all system nodes
  • Timestamps recorded at millisecond granularity to resolve event ordering in high-throughput inference pipelines
  • Includes both wall-clock time and monotonic system time to detect clock drift anomalies
  • Logs the time of image acquisition, preprocessing completion, inference start/end, and result display
  • Essential for correlating audit events with clinical workflows and identifying latency bottlenecks
< 1ms
Timestamp Precision
04

Structured Explanation Logging

The audit trail must capture not just the diagnostic output, but the complete explanation artifacts that justify the model's decision to clinicians and regulators.

  • Stores Grad-CAM heatmaps, SHAP value matrices, and Integrated Gradients attributions as structured data
  • Records the specific explanation method and its version used for each prediction
  • Logs counterfactual explanations showing what minimal changes would alter the diagnosis
  • Captures uncertainty quantification metrics including epistemic and aleatoric uncertainty scores
  • Enables post-market surveillance teams to verify that model decisions were based on clinically relevant anatomical regions, not confounding artifacts
MDR Annex II
Regulatory Requirement
05

Role-Based Access and Audit

Access to the audit trail itself must be governed by strict role-based controls, with all access events themselves logged to create a meta-audit trail.

  • Implements role-based access control (RBAC) distinguishing radiologists, administrators, regulators, and service engineers
  • All read access to audit records is logged with user identity, timestamp, and purpose of access
  • Supports regulatory read-only modes where inspectors can query but never modify the audit trail
  • Generates cryptographic proof of completeness to demonstrate that no records have been deleted
  • Aligns with HIPAA audit control requirements and FDA's Postmarket Management of Cybersecurity in Medical Devices guidance
HIPAA
Compliance
FDA Guidance
Cybersecurity
06

Automated Anomaly Detection

The audit trail infrastructure should include continuous monitoring that automatically flags deviations from expected clinical AI behavior for immediate investigation.

  • Detects concept drift by monitoring shifts in feature attribution patterns over time
  • Flags out-of-distribution inputs where the model's confidence and explanation patterns indicate unfamiliar data
  • Monitors for attribution attacks where adversarial inputs produce correct classifications but misleading explanations
  • Tracks explanation faithfulness scores over time to detect degradation in interpretability quality
  • Generates automated alerts when saliency maps deviate from domain-specific anatomical priors
24/7
Continuous Monitoring
SAMD AUDIT TRAIL COMPLIANCE

Frequently Asked Questions

Essential questions and answers about building, maintaining, and validating secure audit trails for Software as a Medical Device (SaMD) to satisfy regulatory requirements and support post-market surveillance.

A SaMD audit trail is a secure, chronological, and tamper-proof electronic record that captures all inputs, outputs, algorithmic decisions, and user interactions of a Software as a Medical Device. It is mandated by quality system regulations such as FDA 21 CFR Part 820 and ISO 13485 to provide a lifecycle history of device data. The primary purpose is to support post-market surveillance, enable forensic analysis of adverse events, and demonstrate during a regulatory inspection that the software performed as intended. Unlike a standard application log, a medical device audit trail must include unique user identification, timestamps, the specific clinical data processed, and the resulting diagnostic or therapeutic output, ensuring full traceability from data acquisition to clinical action.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.