Skip to content
FonteumThe Graph
DataResearchCare CompareThe DifferAttestAPI
See the proof
  • Data
  • Research
  • Care Compare
  • The Differ
  • Attest
  • API
See the proof

Compliance posture

Methodology · Corrections log · Editorial policy

Fonteum
Products
The DifferAttestAPIFHIR API
Data
Care CompareResearchData catalogSources
Company
AboutPressEditorial policyCorrections
Legal
Privacy policyTerms of serviceMedical disclaimer

Reviewed by Jennifer Montecillo, MD, medical reviewer. Non-practicing medical reviewer.

© 2026 Fonteum, Inc. All rights reserved.

The U.S. healthcare graph AI can cite — every fact carries its source.

Request access→
Proof · Pillar 2

Bitemporal history & attestation chain

Every fact Fonteum publishes traces to a specific government file with a known SHA-256. The chain below shows how: a claim records when the source asserted it (valid-time) and when we recorded it (system-time). Anyone can re-download the source file and confirm the hash — no login required.

How the chain works

  1. 1
    Claim — A fact about a facility or provider (e.g. star rating at CCN 460057). Has valid_from, valid_to, and recorded_at columns (bitemporal).
  2. 2
    Source — The exact government CSV fetched at a specific date. Fonteum stores the SHA-256 of the raw file so you can re-download and confirm it.
  3. 3
    Snapshot + witness — An aggregate snapshot of the ingest is signed with an Ed25519 key (methodology: in-toto-witness/v1). The signed payload contains the SHA-256 of the snapshot contents.

Bitemporal columns

ColumnAxisMeaning
valid_fromValid-time startWhen the source asserted this fact became true
valid_toValid-time endWhen the fact stopped being true; null = still current
recorded_atSystem-timeWhen Fonteum first wrote this row to the database

Backfill note: valid_from ← asserted_at; recorded_at ← created_at. No valid-time was fabricated.

Worked example — real claim

Claim
id:b5f3b055-abb5-4dbe-8a6b-745b2fa49455
claim_key:facility.09002f.star_rating.2026q2
metric:star_rating
value:3 rating_1_5
valid_from:2026-06-04T16:50:27.482+00:00
valid_to:— (current)
recorded_at:2026-06-04T16:50:31.286726+00:00
Source
name:CMS Hospital General Information 2026-04-28
publisher:Centers for Medicare & Medicaid Services
retrieved:2026-06-04T16:45:19.411+00:00
sha256:83c98b2e8687580e0482b13e1e9acd5813534be243e5ccd9f55556a869595d40
Point-in-time diff

Check any claim

Paste a provenance_claims UUID to see its attestation chain.

Methodology

Witness signature algorithm
Ed25519 (Node.js crypto module)
Canonical payload format
{"methodology_version":"...","sha256":"...","signed_at":"...","snapshot_id":...} — Keys always sorted alphabetically for determinism.
Methodology version pinned
in-toto-witness/v1
Source hash
SHA-256 of the raw downloaded file, stored in provenance_sources.content_sha256
See also: /chain — snapshot attestation chain head · /trust — integrity overview

The claim above has valid_from = 2026-06-04 and valid_to = null (current). When CMS releases updated data and a new claim supersedes this one, valid_to will be set and the diff will show the change.

# Point-in-time query
GET /api/attest/pit?claim_key=facility.09002f.star_rating.2026q2&as_of=2026-06-04
Audit command
# Confirm the source file hash (no login needed)
curl -s 'https://data.cms.gov/provider-data/sites/default/files/resources/893c372430d9d71a1c52737d01239d47_1777413958/Hospital_General_Information.csv' | sha256sum
# Expected: 83c98b2e8687580e0482b13e1e9acd5813534be243e5ccd9f55556a869595d40
Full chain
# Full attestation chain for this claim
curl https://fonteum.com/api/attest/claim/b5f3b055-abb5-4dbe-8a6b-745b2fa49455