● Logging & Audit

The glass box: every event recorded, every action stored

Nothing happens off the record. Every governed query, cohort, feasibility run, and review decision is written to an append-only evidence log β€” and every user action is stored and restorable. Any number on screen can be traced back to exactly what produced it.

What gets recorded (click to expand)

The evidence log captures the inputs needed to reproduce a result; the audit log captures who did what.

πŸ”Ž Query event evidence logβ€Ί
Logged every time a read-only query runs. Captures the exact SQL, row count, a code fingerprint (hash), the AI model + prompt version, the data version each table was read at, and a link to the source conversation.
πŸ§‘β€πŸ€β€πŸ§‘ Cohort event evidence logβ€Ί
When a cohort is saved: its name, version, patient count, the SQL, the rationale spec (concept→column mapping, assumptions, caveats), and the data version. This is what a reviewer reads instead of the SQL.
πŸ“‹ Feasibility event evidence logβ€Ί
When a feasibility report is produced: the metrics (eligible N, biomarker availability, follow-up, covariate completeness, attrition), the linked cohort, and the data version.
βœ… Review event evidence logβ€Ί
Every validation decision: validate / needs-changes / reject / merge / delete β€” with who did it, when, and their comment.
πŸ› οΈ Tool invocation auditβ€Ί
Every single AI tool call: the tool name, arguments, the policy decision (allowed/denied), success/failure, error, and how long it took.
πŸ€– AI model call auditβ€Ί
Each call to the language model: provider, model, prompt & completion token counts, latency, and outcome.
πŸ” Authentication & access auditβ€Ί
Logins, logouts, access grants/revocations, and any access denials.
πŸ’¬ Conversations & messages storedβ€Ί
Every chat and message is stored and fully restorable β€” including the tool cards and charts β€” so any session can be re-opened exactly as it was.

Every main user action is stored

Asked a question

Conversation + message saved & restorable.

Built / saved a cohort

Versioned record + rationale + provenance.

Ran a feasibility check

Report stored, linked to its cohort.

Validated / rejected

Review decision + comment + reviewer.

Reused a cohort

Logged as the query/feasibility that used it.

Merged / deleted

Recorded with who and when.

Every governed query

Exact SQL + data version captured.

Every AI step

Tool + model + prompt version captured.

Why it matters

This is what turns a one-time analysis into a reusable evidence asset: any result is reproducible (same code, same data version), inspectable (who, when, why), and inspection-ready for internal QA or a regulator β€” with nothing to reconstruct after the fact.

Append-only evidence log + audit trail + restorable conversations β€” the glass box.