• qa_deck_100#slide 49 · Outputs, review decisions, and retention

RAIDT records an output hash as well as the output text because the two fields do different governance jobs inside the run-level evidence pack. The output text preserves the substantive content that reviewers need to read, interpret, and assess for the task at hand. The output hash preserves the integrity state of that content at the moment the run was recorded. In the RAIDT papers, run-level auditability depends not only on completeness of records but also on whether those records can be trusted not to have been altered after the fact. A cryptographic output hash therefore makes later change detectable and gives the output a stable evidential fingerprint that can be linked to the run ID, prompt version, model deployment, retrieval snapshot, and oversight decision.

This matters because RAIDT defines the run as the unit of governance. In that setting, governance questions concern one configured use in context, not merely a model in the abstract. The hash allows the recorded output to function as a reviewable artefact across the five pillars (Responsibility, Auditability, Interpretability, Dependability, Traceability), especially Auditability and Traceability. It also supports privacy- and security-aware evidence design. The Foundations paper explicitly notes that full prompts and outputs may sit in secure storage with restricted access, while hashes and identifiers still permit integrity checking and evidence linkage. In that sense, the output text answers, "what was produced?", whereas the output hash helps answer, "is the reviewed record still the same output, and can it be reliably tied back to this governed run and its score profile?"

In a healthcare note-summarisation workflow, a GenAI assistant drafts a discharge summary that is then reviewed by a clinician. The organisation stores the output text in a controlled clinical repository, but the run-level evidence pack also records an output hash such as SHA256:... alongside the prompt template version, model deployment ID, retrieval snapshot ID, and reviewer decision.

Months later, a complaint is raised that the discharge advice omitted a warning about follow-up tests. Reviewers need to know whether they are inspecting the exact generated draft that was originally reviewed or a later edited copy. The output text lets them examine the content, but the output hash lets them verify that the stored artefact still matches the run record. That is why RAIDT keeps both: the text supports substantive review, while the hash supports integrity checking, contestability, and defensible reconstruction of the governed run.

• 08-RAIDT_Foundations_M_V50
• 13-RAIDT-Evidence-Review_M_v10