A certification is only as strong as the standard behind it. This page publishes ours: the competencies we certify, how they're assessed, what it takes to pass, and how the standard itself stays current as AI changes.
HAIC certifies people, not tools — role-appropriate competency in the safe, effective, and compliant use of AI in healthcare work.
Credential family
Each certificate carries the credential code pinned to the standard version it was assessed against, the named experts' signatures, and a verification ID.
Competency domains
Every credential assesses the same six domains — weighted for what that role actually faces. A nurse and a CIO answer different questions about the same realities.
What AI systems are and aren't; where AI already lives in the clinical stack — EHR features, ambient documentation, decision support — and the vocabulary to talk about it precisely.
PHI and HIPAA in the presence of AI tools. What may — and may never — be entered into an AI system, sanctioned vs. unsanctioned tools, and minimum-necessary thinking applied to prompts.
Getting real value from approved AI while keeping human accountability: verifying AI output, resisting automation bias, knowing when to overrule, documenting AI-assisted work.
Hallucination, bias, drift, and brittleness at the edges. Recognizing AI failure in the wild — and knowing the escalation and incident path when output goes wrong.
Policy structures that actually work, evaluating AI vendors and tools for clinical safety and compliance, responsibility chains, and audit expectations.
AI shifts under everyone's feet. The obligation — and the skill — of evaluating new AI capabilities with these same frameworks between recertification cycles.
Assessment blueprint
Assessments are SCORM packages delivered inside your existing LMS — randomized item pools, full attempt tracking, nothing new for IT to stand up. Items present a realistic situation and require a judgment call.
| Domain weight (% of items) | HAIC‑F | HAIC‑C | HAIC‑L | HAIC‑G |
|---|---|---|---|---|
| D1 · Fundamentals | 25 | 15 | 15 | 10 |
| D2 · Data protection | 30 | 20 | 10 | 20 |
| D3 · Use & oversight | 20 | 30 | 15 | 10 |
| D4 · Limits & risk | 15 | 20 | 15 | 25 |
| D5 · Governance | 5 | 10 | 35 | 30 |
| D6 · Currency | 5 | 5 | 10 | 5 |
| Format | 30 items · 30 min | 50 items + 2 tasks · 60 min | 40 items · 45 min | 50 items + 2 tasks · 60 min |
Overall score of 80% or higher, and at least 60% in every domain. Nobody gets certified by acing fundamentals while failing data protection. Performance tasks, where required, must both pass against a published rubric.
Two attempts included. A third requires a 14-day wait and targeted remediation modules for the domains that fell short — retraining, not re-rolling the dice.
LMS-attributed identity, full attempt logging, randomized item pools, and organizational attestation of testing conditions.
Validity & recertification
The AI your staff learned eighteen months ago is not the AI in front of them today. A credential that never expires stops meaning anything.
Pass the assessment for your role's credential. The certificate is pinned to the standard version you were assessed against — e.g., HAIC‑C v1.0.
As the standard evolves, updates are published in a public changelog. Material changes take effect at your next recertification — never retroactively.
Before the 18 months are up: a focused delta curriculum — what changed since you certified — and a shortened exam weighted to the changes. Renews for another 18 months.
Governance of the standard
A standard that nobody maintains is a certificate mill. This one has named owners, a review clock, and a public paper trail.
The three founding experts, with practitioner advisory seats (sitting CNIO/CMIO) planned as the program grows. Board members disclose commercial interests; items touching any member's products are independently reviewed.
Scheduled semi-annual review, plus out-of-cycle updates when AI materially shifts: a new modality in clinical use, major regulatory action, or a high-profile failure mode.
Minor versions clarify and refresh. Major versions change competencies — and take effect at each holder's next recertification, never retroactively.
Competencies map to NIST AI RMF, HIPAA, ONC and WHO guidance where applicable, and the standard is documented so CEU / contact-hour accreditors can audit it.
Verification IDs (HAIC-year-serial) resolve against a registry showing credential, standard version, dates, and status — active, expired, or revoked. Verify a certificate →
The 3-minute AI Readiness Assessment scores your organization across the same four readiness pillars our program builds.