Trust is all you need — and what we rebuilt to get it back

People keep asking me why I am so set on building Prometheno. To be honest, even "Prometheno" doesn't sound like a perfect name.

I keep going because I believe the world deserves a healthcare system that is more trustworthy, more transparent, and more honest about what it knows — one that empowers patients and the clinicians and researchers who serve them, instead of leaving each side guessing about the other. And the thing that has to come first, before any of that, is trust.

There is no shortage of serious models and honest attempts, in both industry and academia. Most of them don't fail on the science. They fail on trust.

A widely deployed proprietary sepsis model — running live in hundreds of U.S. hospitals — was externally validated in 2021 and scored an area under the curve of 0.63, far below the 0.76–0.83 its vendor reported. It missed 67% of patients who actually had sepsis while firing alerts on roughly one in five hospitalized patients.¹ IBM's Watson for Oncology was found by internal documents to have given "unsafe and incorrect" treatment recommendations, in part because it was tuned on a small number of synthetic cases rather than real patient histories.² And outside the clinic, when 1,576 researchers were surveyed, more than 70% said they had tried and failed to reproduce another scientist's results.³

Three different failures. One shape. In each case the science was plausible and the trust was missing — nobody on the receiving end could check what they were being handed. Patients can't see where their data goes once they sign the form. Researchers can't re-run a result that arrived as a paragraph of prose. Clinicians can't audit a model whose real-world behavior is hidden behind a marketing number. Every one of those gaps quietly taxes the system: slower research, repeated tests, missed signals, worse outcomes.

People are not property#

Healthcare data, healthcare knowledge, and healthcare services can all be measured as property. But the people aren't property. Patients are not just the payer. Clinicians and researchers are not just the provider. And health data is not just the data — it's a record of someone's life, and it only moves safely when everyone in the loop can trust the next hop.

So the real question isn't "how do we move more data faster." It's "where does trust actually break, and what would it take to rebuild it there." When I traced it, the trust didn't break in one place. It broke at three seams, in sequence: trust in the data, trust in the knowledge built from it, and trust in the decisions that knowledge drives. We are rebuilding each seam as an open protocol — open because you can't trust what you can't inspect.

Three pillars labeled Trust in Data (Prometheno, patient-centered data ecosystem), Trust in Knowledge (PSDL, computable clinical knowledge), and Trust in Decisions (Veritas, trustworthy AI governance), sitting on a shared foundation of transparency, standards, security, interoperability, and patient sovereignty. — Three seams, one foundation. Trust has to hold across data, the knowledge built from it, and the decisions that knowledge drives — or it doesn't hold at all.

Seam 1 — Trust in data: HAVEN#

The first break is the oldest one. A patient signs a consent form, and from that moment forward they're in the dark. Who looked at the record? For what? Did anyone ever take it back out of circulation? The form was a one-time event; the data has a forever life.

HAVEN is our answer to that seam — an open protocol (CC BY 4.0, DOI 10.5281/zenodo.18701303) for patient-sovereign health data.⁴ Three primitives carry it:

Consent that stays alive. Patients grant, verify, and revoke access as a running relationship, not a signature at intake. Every grant has a content-addressable ID and a cryptographic signature, so a claim of consent can be checked, not just asserted.
An audit log the patient can read. Every access is recorded in a hash-chained, tamper-evident log with Merkle inclusion proofs. Nobody — not even us — can quietly rewrite who saw what, because altering any past entry breaks the chain.
Value that flows back. When a patient's data contributes to research, value returns to the patient. They stay in the loop, not just the dataset.

The point isn't the cryptography. The point is that a patient no longer has to trust us — they can check us.

Seam 2 — Trust in knowledge: PSDL#

The second break is quieter, and almost nobody names it. A cohort definition — "adults admitted to the ICU with sepsis and a lactate above 2 mmol/L" — usually lives inside one analyst's head, or one SQL file no one else can rerun. When a second lab tries to reproduce a finding, they rebuild the cohort from a paragraph of English and hope they landed on the same patients. Often they don't. That's the 70% reproducibility gap, made concrete.³

PSDL — the Patient Scenario Definition Language — makes that logic portable. A cohort definition becomes a hashed, shareable artifact that compiles down to executable queries (SQL, OMOP cohorts, FHIR). Two labs run the same definition and get the same patients, or the hashes tell them exactly where they diverged. Reproducibility stops being a virtue researchers promise each other and becomes a property they can verify. That's how trust between researchers gets rebuilt: you re-run the work instead of trusting the author.

Seam 3 — Trust in decisions: Veritas#

The third break is the newest, and it's growing fastest. A medical model ships with a marketing number — "94% accuracy" — measured on a clean dataset under lab conditions. Then it meets a real patient population and behaves differently, and neither the clinician using it nor the patient affected by it has a way to know. The sepsis model above is exactly this failure: a confident headline number, a much worse reality, and no one downstream able to see the gap until someone ran the audit.¹

Veritas holds models to what they do, not what their datasheet claims, by measuring them against real outcomes (VeritasBench) and logging every model action so it stays explainable and reviewable. The unit of trust here isn't a benchmark in a paper — it's honest, ongoing evidence of how a model performs where it's actually used. This is the seam we're earliest on, and I'd rather say that plainly than overstate it.

This is built, not bluffing#

Philosophy is cheap. Here is what runs today:

A working data layer. 1,000 real (de-identified) MIMIC-IV patients are loaded in OMOP CDM 6.0⁵ — 429,000 lab measurements, 17,600 conditions, 52,900 medication records — mapped against 270,000 OMOP vocabulary concepts and 39 million concept relationships.
A trust layer under test. HAVEN's consent registry and hash-chained audit log are implemented and covered by 27 passing protocol tests (backend/test_haven_protocol.py). Consent grants carry HMAC signatures; audit entries carry Merkle inclusion proofs.
A pipeline that's measured, not described. A reproducible benchmark in the repo (backend/scripts/test_pipeline_performance.py) runs the full FHIR→OMOP ingestion and per-record value calculation end to end, recording the throughput and latency rather than asserting them — currently ~1,120 records/sec ingest and ~3 ms to value a record. Run it yourself; the number is whatever your machine produces.
PSDL compiles. Cohort definitions hash to a stable artifact and generate executable SQL/OMOP/FHIR queries today.

None of this is finished. Value distribution isn't wired end-to-end yet; Veritas is the earliest of the three. But "trust you can check" isn't a slogan here — it's a test suite and a benchmark you can run.

The patient stays in the loop#

A circular flow: Patient → Governance (consent, audit, revocation) → Institutions → Research → Impact, with impact and benefits returning to the patient. Ember serves patients, Forge serves researchers, HAVEN supports clinical leadership. PSDL provides interoperability. — Patient-governed trust as a loop, not a one-way pipe. Governance sits between the patient and every institution; impact returns to the people who made it possible.

Three seams, three protocols, one shape: in each case we replaced a promise with something you can inspect. Consent you can verify. Cohorts you can re-run. Models you can measure. None of it works if the protocols are closed, so all three are open — you can read exactly what we built and tell me where I'm wrong.

And across all three seams, one rule holds: whatever we rebuild, the patient stays in the loop — not just the dataset. The data is a record of a life. Trust is what lets it move without costing the person it belongs to.

The next posts get specific — one seam at a time, starting with what "consent that stays alive" actually has to do that a paper form never could.

Wong A, Otles E, Donnelly JP, et al. "External Validation of a Widely Implemented Proprietary Sepsis Prediction Model in Hospitalized Patients." JAMA Internal Medicine. 2021;181(8):1065–1070. doi:10.1001/jamainternmed.2021.2626. The model achieved an AUC of 0.63 against a reported 0.76–0.83, failed to identify 67% of sepsis patients, and generated alerts on 18% of all hospitalized patients. ↩ ↩²
Ross C, Swetlitz I. "IBM's Watson supercomputer recommended 'unsafe and incorrect' cancer treatments, internal documents show." STAT News, July 25, 2018. The recommendations were attributed in part to training on a limited set of hypothetical (synthetic) cases rather than real patient data. ↩
Baker M. "1,500 scientists lift the lid on reproducibility." Nature. 2016;533(7604):452–454. doi:10.1038/533452a. Of 1,576 researchers surveyed, more than 70% reported failing to reproduce another scientist's experiments. ↩ ↩²
HAVEN whitepaper v2.0 (2026). DOI: 10.5281/zenodo.18701303. Open protocol for patient-sovereign health data, licensed CC BY 4.0; Prometheno is its first reference implementation. ↩
Johnson AEW, Bulgarelli L, Shen L, et al. "MIMIC-IV, a freely accessible electronic health record dataset." Scientific Data. 2023;10:1. De-identified critical-care records released via PhysioNet under a credentialed data-use agreement. ↩