1. Purpose
iRemedy Healthcare Companies, Inc. (“iRemedy”) deploys artificial intelligence across its technology platforms, operations, and customer-facing services. This policy establishes the principles, safeguards, and commitments that govern how iRemedy builds, uses, and oversees AI systems — ensuring they serve our customers, partners, and the public interest with accuracy, transparency, and accountability.
This policy applies to all AI systems operated by or on behalf of iRemedy, including but not limited to MetaCommerceRx, TradeSpy (TheTradeSpy.ai), the iRemedy Peptide Institute knowledge layer, and internal operational tools.
2. Core Principles
Accuracy over speed. AI outputs that affect customers, suppliers, or regulatory determinations are validated before action. We do not trade compliance for convenience.
Human authority on consequential decisions. AI informs. Humans decide. No AI system has final authority on regulatory determinations, KYC approvals, financial transactions, or clinical guidance.
Transparency by default. When AI generates, assists, or influences content or decisions that reach a customer, we disclose it. We do not disguise AI-generated output as human-only work where the distinction matters.
Data stewardship. Customer data processed by AI systems is treated with the same care as protected health information — regardless of whether HIPAA technically requires it.
Continuous improvement. AI systems are monitored, tested, and refined. We assume every model has failure modes and build accordingly.
3. How iRemedy Uses AI
3.1 Supply Chain Intelligence
- Country-of-origin verification for 129,140+ National Drug Codes (NDCs) via TradeSpy
- Manufacturer qualification monitoring — continuous surveillance of FDA enforcement actions, Form 483s, warning letters, and Import Alert status
- Cold-chain anomaly detection — real-time monitoring of temperature data from logistics partners to flag excursions before they affect product integrity
3.2 Customer Onboarding & Verification
- License verification — automated validation against state boards of pharmacy, NABP, PCAB, and DEA databases to generate risk assessments during customer onboarding
- Document intelligence — extraction and validation of data from customer-uploaded documents (pharmacy licenses, DEA registrations, accreditation letters)
- Adverse media screening — monitoring of public records for board actions, legal proceedings, and news relevant to customer compliance standing
All onboarding decisions are reviewed and approved by a qualified human before any account is activated.
3.3 Product & Content Intelligence
- Product detail page generation — AI assembles structured product information from Certificates of Analysis, regulatory filings, and manufacturer data. Every page is reviewed and approved by a human editor before publication
- Peptide Institute educational content — AI assists in drafting clinical and regulatory educational materials. All content is reviewed by subject matter experts and, where applicable, Key Opinion Leaders before publication
- Multi-format content production — AI assists in adapting long-form content into derivative formats (summaries, social posts, newsletter excerpts)
3.4 Customer Experience
- On-site AI assistant — available to answer sourcing, product, and regulatory questions based on iRemedy’s catalog and published educational content
- Portal co-pilot — within MetaCommerceRx, assists customers with order history queries, spend analysis, and replenishment recommendations
- Demand forecasting — predictive models that suggest reorder timing and quantities based on historical purchase patterns
3.5 Operations
- DSCSA document generation — automated production of transaction history, transaction information, and transaction statement (T3) documents
- Inventory optimization — predictive models that balance stock positioning across locations to reduce stockouts and expiry
- Customer service triage — AI handles routine Tier-1 inquiries and routes complex issues to human support staff
4. Human-in-the-Loop Requirements
The following decisions always require human review and approval, regardless of AI involvement in the process:
| Decision Type | Human Authority |
|---|
| Customer KYC / account approval | Compliance team |
| Regulatory status determinations | Compliance / Legal |
| Financial transactions and credit decisions | Finance / Operations |
| Published content (product pages, Institute articles) | Editorial / Medical review |
| Supplier qualification and onboarding | Quality / Sourcing team |
| Clinical or therapeutic claims | Not made — see Section 6 |
| Customer escalations beyond Tier-1 | Human support staff |
AI may prepare, recommend, draft, or flag — but a qualified human makes the final call on all items above.
5. Data Handling & Privacy
What AI systems process:
- Product catalog data (public regulatory filings, Certificates of Analysis, manufacturer documentation)
- Customer business information (pharmacy licenses, DEA registrations, order history, account data)
- Publicly available regulatory data (FDA databases, state board records, enforcement actions)
- Aggregated and anonymized usage patterns for demand forecasting
What AI systems do not process:
- Patient health information (PHI)
- Patient prescription records
- Social Security numbers or personal financial account numbers
Data protection commitments:
- Customer business data is encrypted in transit (TLS 1.2+) and at rest
- AI model training does not use individual customer transaction data without explicit consent
- Customer data is not shared with third-party AI providers for their model training purposes
- Access to AI systems processing customer data is role-based and logged
- iRemedy maintains SOC 2 Type II compliance across its infrastructure
- State privacy law compliance (CCPA and applicable state regulations) is maintained, including data subject access and deletion rights
6. Content & Marketing Guardrails
- No therapeutic claims. iRemedy is a wholesale distributor. We do not manufacture, compound, or dispense. AI systems are not permitted to generate language claiming any product “treats,” “cures,” or is “effective for” any condition.
- No off-label promotion. Compounded preparations are not FDA-approved drugs and are never marketed as such.
- No patient-facing content. All AI-generated marketing and educational content targets licensed healthcare professionals (pharmacists, prescribers, clinic operators) — never consumers or patients directly.
- No fabricated citations. AI-assisted content must reference verifiable, published sources. If a citation cannot be verified, it is removed before publication.
- Disclosure when material. Where AI has substantively generated or drafted content (beyond editing or formatting), this is disclosed in the publication workflow.
7. AI Decision Logging & Auditability
Every AI-driven action that affects a customer, supplier, or compliance determination is logged with:
- Timestamp
- AI model and version used
- Input data or prompt (summarized where necessary to protect privacy)
- AI-generated output or recommendation
- Action taken (and by whom, if human-reviewed)
- Outcome or disposition
Logs are retained in accordance with iRemedy’s data retention policy and are available for internal audit, regulatory inquiry, or customer request.
8. AI Security & Testing
Quarterly red-team exercises. iRemedy conducts internal adversarial testing of its AI systems at least quarterly, covering:
- Prompt injection and jailbreak resistance
- Hallucination detection (fabricated facts, citations, or data)
- Bias evaluation across customer segments
- Data leakage testing (ensuring AI does not surface one customer’s data to another)
Incident response. If an AI system produces output that is materially incorrect, harmful, or exposes sensitive data, iRemedy’s incident response protocol applies. Affected customers are notified in accordance with applicable law and iRemedy policy.
Model updates. Changes to AI models or providers that affect customer-facing functionality are tested in staging environments before production deployment.
9. Third-Party AI Providers
iRemedy uses third-party AI infrastructure (including Anthropic and OpenAI APIs) as components within its platforms. Our commitments:
- Customer data sent to third-party AI APIs is limited to what is necessary for the specific function
- iRemedy’s agreements with AI providers prohibit the use of iRemedy customer data for provider model training
- Third-party AI outputs are subject to the same human-review and logging requirements as internally generated AI outputs
- Provider selection is reviewed periodically for security posture, data handling practices, and reliability
10. Standards & Roadmap
| Standard | Status |
|---|
| SOC 2 Type II | Maintained |
| DSCSA Compliance | Maintained |
| CCPA / State Privacy Laws | Compliant |
| ISO 42001 (AI Management System) | Planned — Year 2 target |
11. AI & Web Crawlers
iRemedy publishes a /llms.txt file that provides AI systems with structured information about the company, its services, and its authoritative content.
- AI crawlers may index and cite publicly available content on iremedy.com
- AI systems citing iRemedy content should attribute it to “iRemedy Healthcare” with a link to the source page
- Gated content (customer portal, pricing, account data) is not available to crawlers
- iRemedy reserves the right to update crawler permissions via robots.txt and /llms.txt at any time
12. Contact
Questions about this AI policy, requests for information about how AI is used in your account, or concerns about AI-generated content can be directed to:
iRemedy Healthcare Companies, Inc.
Email: compliance@iremedy.com
1239 SE Indian Street, Unit 112, Stuart, FL 34994