An auditor sits across from you with a single page of questions. They are not interested in your model architecture, your prompt engineering, or your evaluation harness. They want to know one thing: when your AI agent answered a clinician's question last Tuesday, what data did it see, who authorized that access, and can you prove it?

This is the moment most clinical AI systems quietly fail. Not because the team did not care about compliance — they did — but because the system was architected to make AI work, not to make audits work. Authorization was an application-layer concern. Audit logs captured user clicks but not model retrievals. The vector database lived outside the compliance perimeter. The agent reached data through generated queries that were never persisted in a form an auditor could reconstruct.

Clinical AI is shipping into hospitals now. The first wave of HIPAA audits and security reviews of these systems is already underway.…