AI Risk Inventory

1. AI systems in use

Pleadly’s analysis stack runs across three locally-hosted large-language-model endpoints, each scoped to a distinct purpose. None of these models call out to a third-party AI vendor; inference happens on Pleadly-controlled infrastructure and customer data does not leave Pleadly’s network for model inference.

Vector retrieval for verdict-comp similarity matching uses Qdrant against a curated set of approximately 300 California verdicts. Embeddings are derived from case features and verdict descriptions; plaintiff PII is not embedded.

2. Consequential decisions

Pleadly’s AI assists with but does not decide any of the following. Final responsibility rests with the licensed attorney via the controls described in section 4.

• Demand amount calculation: suggests a range from comparable-verdict anchoring; attorney sets the final number.
• Treatment-gap severity classification: tiers gaps as critical, warning, or info; attorney can dismiss or escalate any gap.
• Comparative-fault risk scoring: scans police reports for plaintiff-attributable signals (entity-aware); attorney can mark any factor non-applicable.
• Citation grounding: fuzzy-matches each claim back to its source paragraph; a minimum 0.7 score is required.
• Future-medical detection: flags surgical, durable medical equipment, and ongoing-therapy indicators.

3. Algorithmic-discrimination management

Pleadly does not score plaintiffs against protected-class attributes and does not derive consequential decisions from race, sex, national origin, age, disability, or other protected characteristics. Demand-amount suggestions anchor on injury type, treatment cost, and California verdict comparables filtered for case similarity — protected-class data is not an input.

Pleadly logs every AI contribution to an immutable audit log, requires attorney review before any work product ships, provides citation traceability for human review, and periodically reviews aggregate output patterns for unexpected correlation with plaintiff demographics. Material findings trigger the notification protocol in section 6.

4. Human oversight controls

Pleadly’s compliance posture is schema-level, not policy-level. The controls below are enforced by the database, not by business logic that could be bypassed.

• Attorney review enforcement. The export route refuses to generate a final demand PDF until the assigned attorney accepts the draft.
• Block-on-unsupported-claims. When any claim is flagged as unsupported by source documents, export is refused. The attorney must dismiss, address, or accept each flagged claim. Every resolution is audit-logged.
• Citation grounding requirement. Facts whose grounding score falls below 0.7 are automatically downgraded to a maximum 0.5 confidence.
• OCR confidence tiers. Source documents are tagged Excellent, Good, Fair, or Poor; downstream extractions inherit this tier as usage guidance.
• Cross-tenant isolation. Postgres row-level security enforces per-organization data boundaries. Pleadly’s test suite contains 44 explicit cross-tenant assertions covering every plaintiff-bearing table.

5. Data-subject rights

A firm may at any time export their data, delete their data, or request a written explanation of any AI decision. Audit log entries identify which AI surface produced any flagged output and survive account deletion in metadata-only form for accountability.

6. Notification protocols

Pleadly will notify affected firms within 72 hours of identifying any material AI failure — defined as a hallucinated factual claim shipping to a defendant, a cross-tenant isolation breach, a consequential-decision input materially differing from its source document, or an algorithmic-discrimination finding. A public incident summary follows within 7 days.