A private-AI deployment a partner can defend

The organisation's principal investigators wanted to use a language model on clinical-trial documentation. Their compliance counsel had reviewed the cloud-API option and concluded that sending the documents to a third-party model — even one with a Business Associate Agreement — created a risk profile the organisation could not defend. The team had read the public material on private AI deployment and had three constraints to satisfy at once: clinical data must never leave the boundary, retrieval must respect study and arm boundaries, and the system must be operable by the existing IT lead after handoff.

Weeks 1–2 were discovery: a threat model, an architecture sketch, and a signed design document the head of research and the IT lead both reviewed. Months 1–3 were the build — weekly written updates, production-quality code with tests, and a deployment that ran end-to-end on the organisation's hardware by the end of month two. Month four was hardening, retrieval-edge-case work, and the operator handoff: a six-hour working session, a runbook in writing, and a knowledge-transfer document that anticipates the questions a future IT lead will ask.

The system has been in active use across three principal investigators for the four months since handoff. The in-house IT lead operates the deployment unattended; Karakor has been retained for a quarterly check-in but is not on operational call. The organisation's compliance counsel has reviewed the architecture and incorporated the deployment into the organisation's HIPAA risk register without exception. The model has refused to answer twenty-three queries it could not source from the indexed corpus — refusals the team has documented as the feature working correctly.