You pay consultants hundreds of thousands of dollars for Sunshine Act data cleansing, and they hand back results with no reasoning, no audit trail, and no consistency. This free, open-source AI platform shows its work on every single record. Bring your own API key. Your data never leaves your browser.
Four steps. No accounts. No servers touching your data.
Get a Claude API key from Anthropic (or use another supported provider). Your key stays in your browser session only.
Drop your CSV or Excel file. It loads into browser memory. Nothing is uploaded to any server.
Select the cleansing workflows you need. AI processes your data according to Sunshine Act rules.
Download cleansed data with confidence scores, audit trails, and comparison-ready formats.
Everything your consultant does, automated with AI and verifiable by you.
Standardize physician names, validate NPI numbers with Luhn checksum verification, resolve duplicates and mismatches with confidence scoring.
Classify payments into correct Open Payments categories. Apply CMS rules. Flag ambiguous items with reasoning for audit trails.
Normalize to USPS standards, match against CMS records and teaching hospital lists, resolve location discrepancies.
Generate dispute response templates, cross-reference source documentation, prepare physician-facing summaries for the 45-day review window.
Calculate aggregate totals, apply de minimis thresholds, validate per-occurrence limits, flag payments crossing reporting thresholds.
CMS-formatted submission files, validation summaries, audit trail documentation, side-by-side comparison reports.
The real question is not whether AI is cheaper. It is whether you can explain your compliance decisions to an auditor.
| Factor | Traditional Consultants | SunshineReportingAI |
|---|---|---|
| Audit Trail | Often undocumented. Ask your consultant why they recategorized a payment. Good luck. | Every decision logged with reasoning. Exportable. Auditor-ready. |
| Consistency | Varies by analyst. Run the same data twice, get different results. | Same rules, same data, same output. Every time. |
| Transparency | Black box process. You pay and trust. | Open source. Read every line of code. Verify every API call. |
| Data Privacy | Sent to offshore processing centers. | Never leaves your browser. Verify in DevTools. |
| Annual Cost | $100K - $500K+ | $50 - $500 in API costs |
| Processing Time | 2-4 weeks (rush charges extra near deadline) | Minutes to hours |
We know your legal team will ask. Here are the answers.
This is a static website. There is no backend, no database, no server-side code. Your data physically cannot be stored because there is nowhere to store it. Verify this yourself: View Source is always available.
Your browser talks directly to Anthropic's API (api.anthropic.com). We are not a middleman. The network traffic is between you and Anthropic, protected by TLS encryption. Verify this in your browser's Network tab.
You may notice a header called anthropic-dangerous-direct-browser-access. The name sounds alarming, but it is a developer safety flag, not a security risk. Anthropic requires this header to confirm you intentionally chose to call their API from a browser (vs. a backend server). It does not weaken encryption, bypass authentication, or change how your data is handled. It simply acknowledges the architecture.
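A direct browser-to-Anthropic call looks roughly like the sketch below. The model name and message body are placeholders, not this site's actual prompts; the point is that the request targets api.anthropic.com and nothing else.

```javascript
// Sketch of a browser-originated Anthropic API request. The model name and
// message content are illustrative placeholders.
function buildAnthropicRequest(apiKey, userText) {
  return {
    url: "https://api.anthropic.com/v1/messages",
    options: {
      method: "POST",
      headers: {
        "x-api-key": apiKey,
        "anthropic-version": "2023-06-01",
        // Required by Anthropic for browser-originated calls. It only
        // acknowledges the architecture; it does not change data handling.
        "anthropic-dangerous-direct-browser-access": "true",
        "content-type": "application/json",
      },
      body: JSON.stringify({
        model: "claude-sonnet-4-5",
        max_tokens: 1024,
        messages: [{ role: "user", content: userText }],
      }),
    },
  };
}
```

Passing the result to `fetch(req.url, req.options)` produces exactly one outbound request, visible in your Network tab.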
Anthropic does not train on API data. Inputs and outputs are not retained beyond the API call. This is documented in their commercial terms. Your organization's API agreement governs the relationship.
The site's CSP headers restrict all outbound connections to only the AI provider APIs. No data can be sent to any other endpoint. This is verifiable by inspecting the HTTP response headers.
This workflow standardizes Healthcare Professional names, validates National Provider Identifier numbers, and resolves duplicates across your dataset. It is the foundational cleansing step for Sunshine Act reporting.
When you run this workflow, the AI processes each record through four sequential checks:
The script normalizes physician names to proper case (First Last format). It strips credentials like MD, DO, and PhD from the name field and stores them separately. It correctly handles prefixes (Dr.), suffixes (Jr., III), and compound names (Taylor-Johnson). This matters because CMS requires clean, consistent name formatting, and your internal data often contains names entered as "SARAH WILLIAMS", "Dr. David Lee", or "jennifer martinez".
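The rules above can be sketched in a few lines. The credential and suffix tables here are illustrative subsets, not the workflow's actual lists; the real workflow hands edge cases to the AI rather than relying on fixed tables.

```javascript
// Minimal sketch of the name-normalization rules described above.
// CREDENTIALS and SUFFIXES are illustrative subsets only.
const CREDENTIALS = ["MD", "DO", "PHD", "NP", "PA", "RN", "DDS"];
const SUFFIXES = { jr: "Jr.", sr: "Sr.", ii: "II", iii: "III", iv: "IV" };

function normalizeName(raw) {
  const credentials = [];
  // Split on whitespace/commas and drop a "Dr." prefix.
  const tokens = raw.replace(/,/g, " ").trim().split(/\s+/)
    .filter((t) => !["dr", "dr."].includes(t.toLowerCase()));
  // Pull credential tokens (MD, PhD, ...) out of the name field.
  const nameTokens = tokens.filter((t) => {
    const bare = t.replace(/\./g, "").toUpperCase();
    if (CREDENTIALS.includes(bare)) { credentials.push(bare); return false; }
    return true;
  });
  // Proper-case each token, preserving suffixes and hyphenated compounds.
  const proper = (t) => SUFFIXES[t.replace(/\./g, "").toLowerCase()] ||
    t.split("-")
      .map((s) => s.charAt(0).toUpperCase() + s.slice(1).toLowerCase())
      .join("-");
  return { name: nameTokens.map(proper).join(" "), credentials };
}
```

For example, `normalizeName("jennifer martinez, MD")` yields the name `Jennifer Martinez` with `MD` stored separately.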
Every NPI is checked against the Luhn algorithm (the same checksum used for credit card numbers). A valid NPI is exactly 10 digits and passes this mathematical check. The script flags NPIs that fail validation, are missing, or appear to be formatted incorrectly. It does not call the live NPPES registry (that would require server-side code), but the Luhn check catches transposition errors and invalid numbers.
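A minimal version of that check: per the NPI check-digit specification, the checksum is computed with the card-issuer prefix "80840" prepended, so standard Luhn is run over the full 15-digit string.

```javascript
// Luhn checksum for a 10-digit NPI. The NPI standard computes the check
// digit over the identifier with the prefix "80840" prepended.
function isValidNpi(npi) {
  if (!/^\d{10}$/.test(npi)) return false; // must be exactly 10 digits
  const digits = ("80840" + npi).split("").map(Number);
  let sum = 0;
  // Standard Luhn: double every second digit from the right.
  for (let i = digits.length - 1, alt = false; i >= 0; i--, alt = !alt) {
    let d = digits[i];
    if (alt) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}
```

A transposed or mistyped digit changes the checksum, which is exactly the class of data-entry error this catches.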
The AI looks across your entire batch for records that may refer to the same physician. Common patterns: "Robert Chen" / "Bob Chen" / "Robert Chen MD" all appearing with different NPIs. The script flags these as potential duplicates with a confidence score so a human reviewer can decide which record is canonical.
Each record gets a confidence score from 0 to 100. Clean records with valid NPIs and standard formatting score 90 to 100. Records with minor issues (like extracted credentials) score 70 to 89. Anything below 70 is flagged for mandatory human review.
The script returns all original fields plus: corrected_first_name, corrected_last_name, credentials_extracted, npi_valid (boolean), confidence (0-100), reasoning (plain English explanation), flagged (boolean), and flag_reason.
Upload your physician data and see how the AI handles name normalization and NPI validation.
Launch the App
This workflow classifies each payment into the correct CMS Open Payments category, provides plain-English reasoning for every decision, and flags ambiguous items that need human review.
Payment categorization is where consultant inconsistency is most visible. Ask two analysts to categorize the same payment and you often get two different answers. This workflow applies consistent rules to every record.
The AI maps each payment to one of the 14 CMS Open Payments categories based on the payment description, context, and amount. The official categories are: Consulting Fee, Compensation for Services Other Than Consulting, Honoraria, Gift, Entertainment, Food and Beverage, Travel and Lodging, Education, Research, Charitable Contribution, Royalty or License, Current or Prospective Ownership or Investment Interest, Grant, and Space Rental or Facility Fee.
The script reads the full payment description and matches it against CMS definitional guidance. For example, a "dinner with KOL during advisory board" could be Food and Beverage or Consulting depending on context. The AI weighs the language, the amount, and the overall record context to make a determination, then explains its reasoning in plain English.
Payments are checked against typical ranges for each category. A $5,000 "Food and Beverage" entry is suspicious. A $25 "Research" payment is unusual. The script does not reject these automatically but flags them with an amount warning so reviewers can verify.
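The shape of that check is simple. The ranges below are assumptions for demonstration only; CMS does not publish per-category amount limits, and the actual workflow lets the AI weigh amount against the full record context.

```javascript
// Illustrative amount-plausibility check. TYPICAL_RANGES is an assumed
// example table, not CMS guidance.
const TYPICAL_RANGES = {
  "Food and Beverage": { min: 1, max: 500 },
  "Consulting Fee": { min: 100, max: 50000 },
  "Research": { min: 500, max: 1000000 },
};

function amountFlag(category, amount) {
  const range = TYPICAL_RANGES[category];
  if (!range) return null; // no reference range for this category
  if (amount > range.max) return `unusually high for ${category}`;
  if (amount < range.min) return `unusually low for ${category}`;
  return null; // within typical range -- no flag
}
```

Note that a flag is a prompt for review, not a rejection, matching the behavior described above.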
Every categorization decision includes a reasoning field that explains why the category was selected. This is the key differentiator from consultant-driven processes: when an auditor asks "why was this classified as Consulting Fee instead of Honoraria?", you have a documented answer for every single record.
corrected_category, confidence (0-100), reasoning (string), flagged (boolean), flag_reason, amount_flag (if amount is unusual for the category).
See how the AI categorizes your payments and compare its reasoning against your consultant's output.
Launch the App
This workflow normalizes physician and facility addresses to USPS standards, identifies common formatting problems, and flags addresses that may not match CMS records.
Address data is notoriously messy in internal spend systems. This workflow cleans it up for CMS submission.
The script converts addresses to standard USPS abbreviations: Street to St, Avenue to Ave, Boulevard to Blvd, Suite to Ste, Floor to Fl. City names are normalized to proper case. State names are converted to two-letter abbreviations (California to CA). This is mechanical but error-prone when done manually across thousands of records.
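The mechanical part of that conversion can be sketched as below. The mappings are a small subset of the full USPS abbreviation and state tables, and punctuation handling is simplified for illustration.

```javascript
// Sketch of USPS-style normalization. Both lookup tables are small
// illustrative subsets of the full USPS standards.
const USPS_ABBREVIATIONS = {
  street: "St", avenue: "Ave", boulevard: "Blvd",
  suite: "Ste", floor: "Fl", drive: "Dr", road: "Rd",
};
const STATE_CODES = { california: "CA", "new york": "NY", texas: "TX" };

function normalizeAddress(street, city, state) {
  // Replace spelled-out street words with standard abbreviations.
  const fixedStreet = street.split(/\s+/).map((w) => {
    const abbr = USPS_ABBREVIATIONS[w.toLowerCase().replace(/[.,]/g, "")];
    return abbr || w;
  }).join(" ");
  // Proper-case the city name.
  const properCity = city.toLowerCase().replace(/\b\w/g, (c) => c.toUpperCase());
  // Convert full state names to two-letter codes; pass codes through.
  const stateCode = STATE_CODES[state.toLowerCase()] || state.toUpperCase();
  return { street: fixedStreet, city: properCity, state: stateCode };
}
```

As the source notes, doing this by hand across thousands of records is where errors creep in; a table-driven pass is deterministic.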
Common problems the script catches: P.O. Box addresses (CMS typically requires a physical practice address), missing suite or floor numbers, state/zip code mismatches, addresses that appear to be residential rather than professional, and incomplete address fields.
Addresses associated with teaching hospitals get special flags because teaching hospital payments have different reporting rules under the Sunshine Act. The AI identifies common teaching hospital patterns in addresses (University Medical Center, Academic Health Center, etc.).
Clean, complete addresses with standard formatting score 90 to 100. Addresses with minor corrections (abbreviation standardization) score 70 to 89. Addresses with missing components, P.O. Boxes, or suspected residential locations score below 70 and are flagged for human review.
corrected_address, corrected_city, corrected_state, corrected_zip, address_type (practice/hospital/other), confidence, reasoning, flagged, flag_reason.
Upload your address data and see how many formatting issues the AI catches.
Launch the App
This workflow prepares documentation for the 45-day physician review period, generates physician-facing summaries, and identifies records most likely to be disputed.
Under the Sunshine Act, physicians have a 45-day window to review and dispute payments attributed to them before CMS publishes the data. This workflow prepares your team for that process.
The AI evaluates each payment record and assigns a dispute risk level (low, medium, high) based on characteristics that historically correlate with disputes. High-amount payments, unusual categories, and records with data quality issues are more likely to be challenged by physicians.
For each record, the script identifies which aspects a physician might dispute: the payment amount, the category assignment, the physician identity (wrong doctor attributed), or the teaching hospital association. This helps your team prepare targeted responses rather than generic ones.
The AI generates a plain-language summary for each record that is suitable for sending to the physician during the review period. These summaries describe the payment in clear terms without internal jargon, making the review process smoother for both sides.
For each record, the script prepares response points your team can use if a dispute is filed. These reference the source documentation, explain the categorization logic, and provide the supporting evidence trail.
dispute_risk (low/medium/high), dispute_categories (array), physician_summary (string), response_points (array), confidence, reasoning, flagged, flag_reason.
See how the AI assesses dispute risk and prepares physician-facing documentation.
Launch the App
This workflow calculates aggregate payment totals per physician, applies CMS de minimis threshold rules, and flags payments that cross reporting boundaries.
The Sunshine Act has de minimis thresholds below which individual payments do not need to be reported. But these thresholds apply to aggregates, not just individual payments. This workflow handles that math.
The script checks each payment amount for data quality issues: negative values, suspiciously round numbers that suggest estimates rather than actuals, potential rounding errors, and missing or zero amounts. These are flagged for review before aggregation.
For reporting year 2025, the individual de minimis threshold is $12.27 and the aggregate threshold is $122.66. A single $10 meal does not need to be reported. But twelve $10 meals to the same physician total $120, approaching the aggregate threshold, and another payment could push the total over. The script tracks these running totals per physician NPI.
Payments are summed by physician NPI across the full reporting year. The script identifies physicians whose aggregate totals are near or over the reporting threshold, which means previously unreported individual payments may now need to be included in the CMS submission.
Records are flagged when they are within 20% of a threshold boundary. This gives your team advance warning that a physician's aggregate is approaching the reporting trigger, allowing you to flag future payments to that physician for closer tracking.
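The aggregation and flagging logic described above amounts to a running sum per NPI. This sketch hardcodes the 2025 thresholds quoted earlier; the "near" band is the within-20% margin described above.

```javascript
// Per-NPI aggregation against the 2025 de minimis thresholds quoted above.
const AGGREGATE_THRESHOLD = 122.66; // per physician per reporting year

function aggregateByNpi(payments) {
  // Sum payment amounts by physician NPI.
  const totals = new Map();
  for (const p of payments) {
    totals.set(p.npi, (totals.get(p.npi) || 0) + p.amount);
  }
  // Flag totals that are over, or within 20% below, the threshold.
  const results = [];
  for (const [npi, total] of totals) {
    results.push({
      npi,
      aggregate_total: Math.round(total * 100) / 100,
      reporting_required: total > AGGREGATE_THRESHOLD,
      near_threshold: total <= AGGREGATE_THRESHOLD &&
        total >= AGGREGATE_THRESHOLD * 0.8,
    });
  }
  return results;
}
```

Running the twelve-$10-meals example through this yields a $120 aggregate: not yet reportable, but flagged as near the threshold.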
amount_valid (boolean), near_threshold (boolean), aggregate_total, reporting_required (boolean), confidence, reasoning, flagged, flag_reason.
Individual: $12.27 per payment. Aggregate: $122.66 total per physician per reporting year. These are updated annually by CMS and published in the Federal Register.
Upload your payment data and see which physicians are near or over reporting thresholds.
Launch the App
This workflow validates that all required CMS fields are present and correctly formatted, checks cross-field consistency, and identifies records that are not ready for submission.
This is typically the final workflow in the pipeline, run after the other cleansing steps. It performs a comprehensive validation pass to catch anything that would cause a CMS submission rejection.
CMS requires specific fields for each payment record in the Open Payments submission. The script checks that every required field is present and non-empty: covered recipient NPI, name fields, payment amount, date of payment, nature of payment, and form of payment. Missing fields are listed explicitly so your team knows exactly what needs to be filled in.
The AI checks that related fields are consistent with each other. Does the physician name match what is on file for that NPI? Is the payment category consistent with the amount range? Are payment dates within the reporting year? Is the state code valid for the reported zip code? These cross-field checks catch errors that individual field validation misses.
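A minimal version of the required-field pass plus one cross-field check (payment date inside the reporting year) looks like this. The field names follow this site's workflow outputs; CMS's official submission layout uses its own column names.

```javascript
// Sketch of required-field and reporting-year validation. REQUIRED_FIELDS
// uses this site's field names, not CMS's official column names.
const REQUIRED_FIELDS = [
  "physician_npi", "physician_first_name", "physician_last_name",
  "amount", "date_of_payment", "nature_of_payment", "form_of_payment",
];

function validateRecord(record, reportingYear) {
  // List every required field that is absent or empty.
  const missing = REQUIRED_FIELDS.filter(
    (f) => record[f] === undefined || record[f] === "");
  // Cross-field check: payment date must fall in the reporting year.
  const errors = [];
  if (record.date_of_payment) {
    const year = new Date(record.date_of_payment).getFullYear();
    if (year !== reportingYear) {
      errors.push(`payment date outside reporting year ${reportingYear}`);
    }
  }
  return {
    cms_ready: missing.length === 0 && errors.length === 0,
    missing_fields: missing,
    validation_errors: errors,
  };
}
```

Each record comes back with an explicit list of problems rather than a bare pass/fail, which is what makes the output actionable.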
Some CMS fields can be derived from other data in the record. The script generates these where possible rather than requiring manual entry. For example, the program year can be derived from the payment date, and certain indicator fields can be set based on the payment category.
Each record gets a cms_ready boolean. Records marked true have passed all validation checks and are formatted correctly for CMS submission. Records marked false include a specific list of validation errors that must be resolved before submission.
cms_ready (boolean), missing_fields (array), validation_errors (array), confidence, reasoning, flagged, flag_reason.
Run a final validation pass on your cleansed data to identify any remaining issues before CMS submission.
Launch the App
A structured, low-risk program to prove AI can replace expensive data cleansing consultants. Start the conversation with your legal team now. Run your real comparison whenever you are ready, even after the March 31 deadline, using historical data.
Use our pre-written legal memo template to begin the approval process with your legal and IT teams. We know pharma legal moves carefully. The memo addresses data privacy, API security, and the client-side architecture. Start this process now so it is in motion.
Set up your API key, upload a sample dataset, and run through the guided tutorial. This takes hours, not weeks. You can do this with sample data while waiting for legal approval on real data.
Run the same data through both your consultant pipeline and SunshineReportingAI. If you have time before the deadline, great. If not, use your 2025 data after submission. The comparison is just as valid either way.
Use our automated comparison tools to generate side-by-side accuracy reports. Focus on the question that matters most: which pipeline can explain its decisions to an auditor?
With concrete comparison data in hand, your leadership can make an informed decision for the next reporting cycle. Reduce consultant scope, go hybrid, or stay the course. The data will tell you what to do.
Copy, customize, and send to your legal team.
INTERNAL MEMORANDUM
To: [Legal Department / Chief Compliance Officer]
From: [Your Name, Title]
Date: [Date]
Re: Request for Approval to Conduct Parallel AI Compliance Test
I am requesting approval to conduct a limited, parallel test of an open-source AI tool for Sunshine Act data cleansing alongside our existing consultant-managed process. The purpose is to evaluate whether AI can improve accuracy, reduce cost, and provide better audit trails for our Open Payments reporting.
Key Facts for Legal Review:
Data Privacy: The tool runs entirely in the browser. No data is transmitted to any server operated by the tool provider. The only network traffic is direct API calls from our browser to Anthropic's API (api.anthropic.com), governed by our existing or new API agreement with Anthropic.
Data Retention: Anthropic's commercial API terms state that they do not train on API data and do not retain inputs or outputs beyond the API call. No third-party data processing agreement is required with the tool provider because no data processing occurs on their infrastructure.
Security: The tool is open source and fully auditable. All JavaScript code can be reviewed by our IT security team. Content Security Policy headers restrict all outbound connections to only the AI provider API.
Scope: This is a parallel test only. Our existing consultant process will continue unchanged. The AI output will be compared against consultant output for accuracy evaluation. No AI-generated output will be submitted to CMS without full review and approval.
Cost: The tool itself is free. The only cost is AI API usage, estimated at $50-$500 depending on dataset size. This compares to our current annual consultant spend of $[amount].
Timeline: This test can be conducted before or after the March 31 CMS submission deadline using either current or historical data. The comparison is equally valid with prior-year data. There is no urgency that would require bypassing normal review processes.
I am requesting approval to proceed with this parallel test, with results to be shared with leadership for consideration in planning the next reporting cycle.
Everything you need to understand, verify, and use the platform.
Step-by-step walkthrough from API key setup to your first cleansing workflow. Includes sample data for testing.
Detailed technical documentation of the client-side architecture, data flow, threat model, and verification procedures for your IT and legal teams.
Complete documentation of each cleansing workflow: input schemas, processing rules, output formats, and prompt engineering details.
How to get an Anthropic API key, set usage limits, and understand pricing. Includes guidance for enterprise procurement.
Overview of Open Payments requirements, CMS categories, reporting thresholds, and common data quality issues for teams new to the process.
How to run a fair side-by-side comparison between AI and consultant output. Includes scoring rubrics and report templates.
Yes. Open your browser's Developer Tools (F12), go to the Network tab, and watch what happens when you process data. You will see requests going only to api.anthropic.com (or your chosen provider). No requests go to sunshinereportingai.com or any other server. The site has no backend to send data to.
No. Anthropic's commercial API terms explicitly state that API inputs and outputs are not used for model training and are not retained beyond the API call. Your organization can also negotiate an enterprise agreement with additional data protection provisions.
The platform is completely free. You pay only for AI API usage directly to the provider. For Claude Sonnet, processing 10,000 records through all six workflows costs approximately $180-$300. Compare this to the $100K-$500K annual consultant fees for the same work.
Every result includes a confidence score and the AI's reasoning. Items below the confidence threshold are automatically flagged for human review. The platform is designed for human-in-the-loop processing, not autonomous submission. And the entire point of the Challenge is to run AI in parallel with consultants so you can measure accuracy before committing.
The name is alarming, but it is a standard Anthropic developer safety flag. Anthropic requires this header to confirm that you intentionally chose to call their API directly from a browser rather than through a backend server. It does not weaken encryption, bypass authentication, or change data handling. It is comparable to a confirmation dialog. Your IT security team can verify this in Anthropic's API documentation.
The platform is built around Claude first because of Anthropic's strong data privacy guarantees and the model's accuracy on structured data tasks. Support for OpenAI and Google Gemini is planned. The provider abstraction layer makes adding new backends straightforward.
SunshineReportingAI was created by Terence Bennett (CEO, DreamFactory Software) in collaboration with pharma compliance experts. It exists because the current consultant model is overpriced, inconsistent, and ripe for automation. The platform is open source and community-driven.
Configure your AI provider, upload data, and run cleansing workflows.
Standardize names, validate NPIs, resolve duplicates
Required columns: physician_first_name, physician_last_name, npi
Classify into Open Payments categories with reasoning
Required columns: payment_description, amount
Normalize addresses, match to CMS records
Required columns: address, city, state, zip
Calculate totals, apply de minimis rules, flag thresholds
Required columns: physician_npi, amount, date
Generate dispute templates and physician summaries
Required columns: physician_name, payment records
CMS format files, validation summaries, audit trails
Required: Completed cleansing workflow output
Drag and drop a file here, or click to browse. File stays in your browser only.
File:
Records:
Columns: