Skip to main content
ForensicShield(go to home page)
Compliance

Forensic Framework Alignment

How ForensicShield aligns with APA Specialty Guidelines, AAPL Practice Guidelines, Daubert and FRE 702, and state psychology board record retention standards — published here because no forensic-AI competitor does.

Zero-Exposure ArchitecturePHI never leaves AWS Bedrock
Encrypted at Every LayerAES-256-GCM with AWS KMS envelope keys
Tamper-Proof Audit TrailAppend-only logs, 7-year retention
BAA RequiredSigned before any PHI upload
APA Specialty Guidelines

APA Specialty Guidelines for Forensic Psychology (2013)

Published by APA Division 41 (American Psychology-Law Society) and adopted by the American Academy of Forensic Psychology (AAFP). These guidelines govern the professional conduct of psychologists in forensic roles, including evaluation, report writing, and testimony. ForensicShield is calibrated to these four core guidelines that most directly affect report defensibility.

Guideline 3 — Scope Limits

Forensic practitioners operate within the boundaries of their defined competence and the scope of the specific referral question.

ForensicShield's analysis passes are scoped by evaluation type — competency, custody, criminal responsibility, violence risk, SVP, mitigation, personal injury. The AI is explicitly instructed not to opine beyond the defined evaluation type, and each pass identifies only vulnerabilities relevant to the referral class. The evaluator's disciplinary identity (psychologist, psychiatrist, neuropsychologist) further scopes what the platform flags.

Guideline 4 — Examiner Role Boundaries

Forensic practitioners maintain boundaries between their role as an evaluator and other roles such as therapist, consultant, or fact witness.

ForensicShield is a preparation tool, not a substitute for examiner judgment. Every suggestion is framed as a consideration — "You may want to..." and "Consider..." — never as a directive. The platform never provides diagnostic opinions or tells the evaluator what to conclude. Clinical responsibility remains entirely with the credentialed expert.

Guideline 6 — Informed Consent

Forensic practitioners address the nature and purpose of the evaluation, the intended use of the report, and who will have access to it.

ForensicShield surfaces structural completeness checklists that include informed-consent documentation elements. The platform flags reports that omit standard consent language or fail to address the evaluee's understanding of the non-confidential nature of the assessment.

Guideline 8 — Record-Keeping

Forensic practitioners maintain records of their work, including notes, data, and all information used in forming their opinions.

Every report uploaded to ForensicShield is stored with AES-256-GCM envelope encryption, audit-logged on every access, and retained for a minimum of 7 years — one year beyond the HIPAA minimum and meeting or exceeding all state psychology board requirements listed below. Full-text PDF and DOCX export preserves the original alongside the analysis record.

Source: American Psychological Association. (2013). Specialty Guidelines for Forensic Psychology. American Psychologist, 68(1), 7–19. https://doi.org/10.1037/a0029889

AAPL Practice Guideline

AAPL Practice Guideline for Forensic Assessment (2015)

Published by the American Academy of Psychiatry and the Law in the Journal of the American Academy of Psychiatry and the Law, 43(2), S3–S53. The guideline applies broadly to forensic psychiatric and forensic psychological assessments and addresses collateral data, documentation, and written report standards.

Collateral Information

The AAPL Practice Guideline emphasizes thorough collateral data collection and its proper integration into the forensic opinion.

Alignment: ForensicShield reviews whether collateral sources are documented, whether the report explains how collateral data was weighted relative to self-report, and whether any conflicts between sources are addressed — all encrypted and audit-logged.

Written Records

The guideline recommends that forensic psychiatrists maintain complete written records of their work.

Alignment: Original uploaded reports are retained in S3 with SSE-KMS encryption and S3 versioning enabled. Full-text export generates PDF and DOCX with the complete analysis record. Every export is audit-logged with user identity, timestamp, and request ID.

Session Recordings

The guideline addresses documentation of recorded evaluation sessions.

Alignment: ForensicShield does not record or transcribe evaluation sessions. The platform processes only the completed written report. If the evaluator attaches session notes or transcripts, those are treated as collateral documentation under the same encryption and audit controls.

Federal Rules of Evidence

Daubert + FRE 702 — How ForensicShield Fits

Federal Rule of Evidence 702 (amended December 1, 2023) requires that expert testimony be based on sufficient facts or data, the product of reliable principles and methods, and that the expert reliably applied those methods to the facts of the case. The four Daubert v. Merrell Dow Pharmaceuticals, Inc., 509 U.S. 579 (1993) factors remain the dominant test across federal courts and most state Daubert jurisdictions.

Positioning principle: ForensicShield is a preparation tool used by the forensic expert before testimony. The credentialed expert testifies — not the AI. Findings generated by ForensicShield are not submitted into evidence; they support the expert’s own pre-testimony review.

FRE 702(b) — sufficient facts or data

Testability

Has the theory or technique been tested? Can it be falsified?

ForensicShield: ForensicShield's regression suite runs against 193 calibrated cases with a documented 97.8% Loop 1 classification rate. The methodology white paper (MODEL_CARD.md) describes the 3-tier clinical-read architecture, pass definitions, consensus vote logic, and known limitations.

FRE 702(c) — reliable principles and methods

Peer Review & Publication

Has the theory been subjected to peer review and publication?

ForensicShield: The vulnerability taxonomy is calibrated against the published forensic literature on each evaluation type. Landmark cases and methodological standards are sourced from CourtListener, Google Scholar, and verified primary sources. The platform does not generate novel scientific claims — it surfaces documented gaps in how existing standards were applied.

FRE 702(c) — applied reliably

Known Error Rate

What is the technique's known or potential error rate?

ForensicShield: ForensicShield documents its known error rate: 97.8% Loop 1 classification on 193 calibrated cases. Nondeterministic cases (5 of 25 in the regression suite) are flagged. Limitations are published in MODEL_CARD.md including construct-adequacy constraints: no instrument absence can generate severity by itself without construct relevance, omission, and a strong opinion already given.

FRE 702(d) — expert has reliably applied the methods

General Acceptance

Is the technique generally accepted in the relevant scientific community?

ForensicShield: ForensicShield reviews reports against the accepted professional standards — APA Guidelines, AAPL Practice Guidelines, AFCC Model Standards, published actuarial instrument manuals — rather than introducing proprietary scientific claims. The AI identifies departures from accepted practice; it does not define what accepted practice is.

Proposed FRE 707 (Aug 2025 draft). A proposed rule would require AI-generated evidence to satisfy Daubert independently. ForensicShield’s prep-tool architecture sidesteps this: the AI output is not offered as evidence; the forensic expert’s own opinion — which the platform helped the expert stress-test — is what enters the record.

State Psychology Board Standards

Record Retention Requirements by State

State psychology board regulations impose record retention requirements that vary from 5 to 10+ years. HIPAA’s 6-year minimum is a floor, not a ceiling. ForensicShield retains audit logs in CloudTrail Object Lock COMPLIANCE mode for 7 years — meeting California, Florida, New Jersey, and Oregon requirements. For longer state-specific periods (Texas, Washington), we provide full export so evaluators can maintain local archives per their board rules.

State / AuthorityMinimum RetentionCitationNotes
Texas
10 + 10 after minor turns 18 yearsTBPC §465.22Longest retention requirement in the table
Washington
8 yearsWAC 246-924-353
California
7 yearsCA BPC §2983
Florida
7 yearsFL 64B19-19.006
New Jersey
7 yearsNJ Admin. Code 13:42-10.17
Oregon
7 yearsOAR 858-010-0035
Pennsylvania
5 years49 Pa. Code §41.58
HIPAA minimum (federal)
6 years45 CFR §164.316ForensicShield baseline

ForensicShield approach. Audit logs are retained for 7 years in CloudTrail Object Lock COMPLIANCE mode (matches CA/FL/NJ/OR). Encrypted report records are retained for the same period. Practitioners in Texas or Washington who need 8–10+ year records can export their full archive at any time via the data export endpoint — and must maintain local copies per their board rules.

State AI Disclosure Obligations

Emerging State AI Regulations

Several states have enacted or are enacting AI-specific disclosure laws that may apply to practitioners using AI tools in regulated contexts. ForensicShield monitors these requirements and designs its platform architecture to minimize obligation burden on practitioners. See the AI in the Courtroom page for full state-by-state tracking.

TexasJanuary 2026

TRAIGA

Texas Responsible AI Governance Act. Requires deployers of high-risk AI systems to conduct impact assessments and provide disclosures to affected persons.

Practice note: ForensicShield is a preparation tool used by the forensic expert before testimony. The evaluator — not the AI — testifies. The platform's design positions the AI as an assistant to the credentialed expert, which reduces TRAIGA deployer obligations. Clients practicing in Texas should consult counsel on applicable disclosure requirements.

ColoradoJune 2026

Colorado AI Act (SB 24-205)

Requires developers and deployers of high-risk AI systems affecting consequential decisions to perform algorithmic impact assessments and disclose AI use.

Practice note: Colorado's definition of consequential decisions includes professional assessments. Forensic evaluators using ForensicShield in Colorado matters should document that clinical conclusions remain exclusively their own professional judgment and that ForensicShield is a structured quality-assurance tool, not a decision-making system.

UtahMay 2025

Utah Artificial Intelligence Policy Act (AIPA)

Requires entities using AI to interact with consumers in regulated occupations to disclose the use of AI when a user asks.

Practice note: Utah AIPA focuses on consumer-facing AI interactions, not back-office professional tools. ForensicShield does not interact with evaluees or clients — it supports the forensic professional's own preparation work. Even so, evaluators should be prepared to disclose tool use if asked during deposition or cross-examination.

Trust & Compliance

More compliance resources.

ForensicShield publishes its security architecture, HIPAA compliance map, and subprocessor list for the same reason it publishes this page: practitioners have professional obligations that require documented assurances, not vendor assurances buried in a sales conversation.

Zero-Exposure ArchitecturePHI never leaves AWS Bedrock
Encrypted at Every LayerAES-256-GCM with AWS KMS envelope keys
Tamper-Proof Audit TrailAppend-only logs, 7-year retention
BAA RequiredSigned before any PHI upload
HIPAA Compliant
AES-256
TLS 1.2/1.3

Standards-aligned forensic report review.

Try ForensicShield on a sample report — no upload required. Then run your own.

Run a Free Sample Analysis →

14-day free trial · 2 reports included (1 sample + 1 of your own) · A payment method is collected for identity verification — your card will not be automatically charged when the trial ends · HIPAA compliant