PHIIR Labs Responsible Use Statement
Last updated: October 2025
PHIIR Labs develops deterministic decision-support systems designed to improve the reliability, safety, and traceability of human decisions in complex environments.
We recognize that all technologies influencing clinical or operational decisions must be used responsibly, with human oversight and institutional governance at every stage.
1. Human-in-the-loop by design
Our systems are built for human decision support, not replacement.
All PHIIR software requires human interpretation and accountability.
Users remain the final decision-makers, and no PHIIR system is intended to automate clinical judgment or capital allocation without review.
2. Transparent and auditable operation
All PHIIR systems are designed for deterministic, explainable outputs.
Every recommendation or alert is traceable to its logic, rules, or underlying data.
We do not deploy black-box algorithms or probabilistic models that cannot be audited.
3. Responsible data handling
We adhere to UK GDPR, EU GDPR, and equivalent global privacy frameworks.
Personal or sensitive data is processed only when legally justified, ethically reviewed, and contractually controlled.
4. Non-clinical use of investigational software
D.A.N.A (Dose Accuracy & Notification Assistant) is investigational software.
It is not cleared or approved by regulatory authorities and must not be used for direct patient care outside of approved research or pilot settings.
5. Continuous oversight and review
We periodically assess our research, design, and deployment processes to identify bias, misuse, and emergent risks.
Our governance structure includes internal review and external consultation with clinical and data-ethics advisors.
PHIIR Labs promotes technology that is auditable, reviewable, and human-controlled — never autonomous or opaque.
Security & Data Governance
Last updated: October 2025
PHIIR Labs operates under strict information-security and data-governance standards consistent with regulated software development and clinical research expectations.
1. Information Security
Encryption: All data is encrypted in transit (TLS 1.3+) and at rest (AES-256 or equivalent).
Access Control: Role-based access following the least-privilege principle, with multi-factor authentication.
Monitoring: Access logs, audit trails, and intrusion detection maintained on all systems.
Hosting: Data stored within the UK or EEA on ISO 27001-certified infrastructure.
2. Data Governance Framework
Compliance: UK GDPR, EU GDPR, and Data Protection Act 2018.
Retention: Data retained only for lawful, necessary purposes, then securely deleted.
Third Parties: Any vendor or cloud provider is bound by formal Data Processing Agreements (DPAs).
Data Subject Rights: Individuals may request access, correction, or deletion via privacy@PHIIRLabs.com.
3. Research and Pilot Data
Pilot or validation data is handled under specific contractual agreements and ethical approvals.
No identifiable patient or institutional data is used without explicit consent or lawful basis.
4. Development Practices
Secure development lifecycle (SDLC) with code reviews and vulnerability testing.
Controlled deployment environment; no production access for development staff.
Versioned repositories with signed commits and traceable release history.
5. Incident Response
Security incidents are logged, triaged, and escalated under defined response plans.
Relevant authorities and partners are notified in line with UK GDPR Article 33 requirements.
PHIIR Labs treats data security and governance as core engineering disciplines, not administrative afterthoughts.
Compliance Notice
Last updated: October 2025
PHIIR Labs operates as a UK-based research and development entity.
We design and test software in compliance with global regulatory frameworks governing digital health and enterprise decision systems.
1. Regulatory Frameworks
Our software development aligns with:
UK: Medicines and Healthcare products Regulatory Agency (MHRA) SaMD guidance.
US: Food and Drug Administration (FDA) Clinical Decision Support (CDS) principles (non-device and device-bound).
Canada: Health Canada SaMD and software-based medical device classification.
EU: Medical Device Regulation (MDR) for investigational software.
D.A.N.A (Dose Accuracy & Notification Assistant) is investigational software under development and not approved for clinical use.
Kevpin Signals is a decision-support research program not yet commercially released.
2. Ethical and Research Standards
All pilot and validation activities are designed to meet:
Institutional ethical review where applicable.
Data-protection impact assessments (DPIA).
Proportional risk classification per MHRA and Health Canada guidance.
3. Corporate Compliance
PHIIR Labs Ltd is registered in the United Kingdom and complies with:
Companies Act 2006 (corporate governance).
Data Protection Act 2018.
UK GDPR.
4. Disclaimer
All material on www.PHIIRLabs.com is for informational and research communication purposes only.
It does not constitute medical, financial, or operational advice and should not be relied upon for direct clinical or investment decisions.
PHIIR Labs is committed to operating within the letter and spirit of regulatory and ethical standards governing research, safety, and data integrity.
Contact PHIIR Labs
For research partnerships, pilot programs, or investment inquiries: info@phiirlabs.com
We respond to qualified requests aligned with our research focus.
PHIIR Labs Ltd
Registered in the United Kingdom.
D.A.N.A by PHIIR Labs is investigational software under development and not yet available for clinical use.
