Court-ready integrity for the post-payment integrity era.
10-slide introduction for the MCO C-suite. What JIL is, the FWEA problem at MCO scale, our three-tier engagement model (Tier 1 detection plus Ava, Tier 2 per-case substantiation, Tier 3 CREB® court-ready bundle), why we are different, how to start a 30-day POC with zero PHI, and the ROI math that pays for the program on case #1.
What this brief is for.
If you're an MCO Chief Compliance Officer, an SIU director, or a Medicaid health-plan executive, this is the short answer for the regulatory situation we're addressing. The full brief sits below.
Why the 60-day clock matters
CMS / HHS-OIG audit posture in 2026 has tightened the post-audit response window. The 60-day clock is the timeline between audit notice and the moment your plan owes a corrective-action plan or a financial response. Underprepared plans lose multi-year recoupment fights they should have won.
What JIL provides
Pre-built CREB® evidence packages covering FWA detection methodology, claim-level audit defensibility, and per-finding remediation. Walk into an audit with a signed evidence package per challenged claim cluster, not a binder of unsigned screenshots.
Where this fits in your existing program
JIL doesn't replace your in-house SIU or your existing FWA vendor. It adds the cryptographic evidence + audit-ready packaging on top. Plans typically run JIL alongside their existing FWA stack for the first 6-12 months.
What to do this week
Schedule a call (link below) for a 30-minute walkthrough of the audit-ready package. We'll show real CMS public-data findings + the CREB® format your auditor will see. No PHI required.
We don't need your PHI to find your fraud.
Tier 1 detection runs on hashed identifiers and analytic features. JIL never sees a member name. Pre-Settlement Attestation, Retroactive Tier 1 with Ava, and Wallet Intelligence operate as a HIPAA Limited Dataset receiver under §164.514(e) or under Safe Harbor de-identification per §164.514(b)(2). PHI enters the workflow only when you authorize a Tier 2 or Tier 3 case escalation, and even then it runs in an isolated enclave that does not co-mingle with the Tier 1 production path.
| Product | Non-PHI PII | PHI / ePHI | BAA scope |
|---|---|---|---|
| Pre-Settlement Attestation | Counterparty, beneficiary, bank fingerprint | No PHI | Limited |
| Retroactive Tier 1 (Ava) | Hashed claim IDs, NPIs, TINs, amounts | No PHI | Limited |
| Retroactive Tier 2 (case investigation) | Yes | PHI · Case-level | Full |
| Retroactive Tier 3 (CREB® hand-engaged) | Yes | PHI · Full case file | Full |
| Wallet Intelligence | Limited | No PHI | Not required |
Executes in days.
Covers Pre-Settlement, Retroactive Tier 1, Wallet Intelligence. Buyer holds the re-identification key. JIL never sees a name. A breach on the JIL side cannot expose your members. Director or VP signoff threshold.
Stages on Tier 1 sign.
Covers Tier 2 case investigation and Tier 3 CREB® hand-engaged work. PHI runs in an isolated enclave with field-level audit log under §164.312(b), per-case access provisioning, and the §164.410 60-day breach notification ceiling. CPO, CCO, or General Counsel signoff.
Amazon Web Services, Inc. · the AI cloud beneath Ava.
JIL hosts agentic AI workloads on AWS (Bedrock + SageMaker). AWS Bedrock + SageMaker maintains SOC 2 Type II and ISO 27001 alignment, operates a published Shared Responsibility Model, signs a HIPAA Business Associate Agreement on request, and has a publicly disclosed HITRUST CSF program in flight.
By tier: Ava on AWS Bedrock + SageMaker is a no-PHI path. Tier 1 inference logs, embedding stores, and prompt-context windows do not contain PHI by architecture (the hashes never decrypt). Tier 2/3 PHI does not leave JIL's enclave; where AI assistance is needed, requests route through a controlled gateway with PHI redaction or tokenization before any external inference call.