Care AI systems generate decisions with lasting consequences — medication adjustments, fall risk escalations, clinical alert thresholds. For these decisions to be accountable, they must be attributable: a future inquiry must be able to establish exactly what the AI decided, on what inputs, under which model version, with or without human override, and at what moment in time. The mechanism that makes attribution work is cryptographic audit integrity. Digital signatures bind each decision record to the specific system state that produced it. Tamper-evident logs ensure the record cannot be altered after the fact. The chain of custody is cryptographic.

The problem is that cryptographic assurances have lifespans. Digital signatures generated with current algorithms will not remain verifiable indefinitely. The two algorithm families underpinning most healthcare audit infrastructure today — RSA and elliptic-curve digital signatures — are vulnerable to quantum attacks. Active research programmes are advancing the quantum computing capabilities that would break them. Conservative projections suggest those capabilities will arrive within a decade; optimistic projections compress that window further. Both overlap substantially with the legal exposure windows that govern care AI decisions.

Medical malpractice statutes of limitations create a gap that is not trivially short. In most jurisdictions, the standard limitation period for clinical negligence runs two to seven years from the date of harm or its discovery. For care AI deployed with pediatric patients, discovery rules can extend potential exposure much further — a child harmed by a care AI decision in infancy may not be able to bring a claim until reaching majority. Long-term care relationships add further complexity: decisions made in year one of a multi-year care episode may bear on liability assessments at its end. The legal life of a care AI decision is not a brief window that closes cleanly. It can be long, indeterminate, and subject to extension.

The accountability horizon problem is what emerges at the intersection of these two curves. A care provider defending a 2026 care AI decision in 2031 or 2033 faces a specific and concrete challenge: if quantum computing has advanced to the point where the signature scheme anchoring that decision's audit record can be broken, the provider cannot cryptographically prove the record was not altered after the fact. The signed log entry — "AI recommendation X, accepted by clinician Y, at timestamp Z, under model version W" — is no longer proof. It is an assertion. Assertions can be correct, but they cannot be verified against tampering. The accountability structure that was used to justify deploying care AI in the first place — we will always be able to see what it decided and why — is unavailable exactly when it is most needed.

This is a different problem from the confidentiality threats that more commonly frame post-quantum risk discussions. Harvest-now-decrypt-later attacks target data that must remain secret. The accountability horizon problem targets data that must remain provably authentic. A care decision that was correctly made, correctly recorded, and correctly signed at the time it was made may become impossible to prove in future legal proceedings — not because the record was hidden, but because the proof that the record was not altered has become unverifiable. The decision was right. The record was accurate. The chain of proof has expired.

The intervention requires addressing the problem at multiple levels simultaneously. For ongoing signatures, care AI audit infrastructure should begin migrating toward post-quantum signature schemes — the algorithm families standardized by NIST that are designed to remain secure against attacks by quantum computers. For existing records, organizations need to consider re-signing historical audit logs with post-quantum signatures while the classical signatures remain verifiable, creating a dual-signed chain whose authenticity survives the cryptographic transition. For hardware, the signing keys anchoring care AI audit records should reside in hardware security modules capable of algorithm migration without key extraction — a procurement requirement that must be decided at acquisition time, not retrofitted.

None of these interventions is frictionless. Re-signing historical records requires proving that the re-signing occurred at a moment when the original signatures were still valid — which itself requires a timestamp from a source whose own trustworthiness will remain verifiable over the same horizon. Algorithm migration requires every component in the care AI stack, including third-party integrations, archived records in vendor-managed storage, and the downstream clinical systems that consume audit data, to support the new scheme. The operational surface for a multi-year migration is large, and the incentive to begin before the risk becomes undeniable is structurally weak.

The accountability horizon problem is not a future risk to be deferred until quantum computing becomes a near-term operational fact. Care AI deployed today is actively accumulating audit records under classical cryptography. The decisions with the longest potential legal exposure — those involving pediatric patients, latent-onset conditions, multi-year care relationships, or high-stakes clinical thresholds — are being recorded now. Organizations that wait for the quantum transition to become undeniable before addressing their audit infrastructure will discover, when they most need those records, that the chain of proof has already closed.

医疗AI系统生成具有持久后果的决策——药物调整、跌倒风险升级、临床警报阈值。为使这些决策能够接受问责，它们必须具有可归因性：未来的调查必须能够确定AI到底决策了什么、基于什么输入、在哪个模型版本下、是否有人工覆盖，以及发生在何时。使归因得以实现的机制是密码学审计完整性。数字签名将每条决策记录绑定到产生它的特定系统状态。防篡改日志确保记录事后无法被修改。监管链是密码学的。

问题在于，密码学保证有生命周期。使用当前算法生成的数字签名无法无限期保持可验证性。支撑当今大多数医疗审计基础设施的两类算法族——RSA和椭圆曲线数字签名——容易受到量子攻击。积极的研究项目正在推进将能够破解它们的量子计算能力。保守预测表明这些能力将在十年内到来；乐观预测将这一窗口进一步压缩。两者都与治理医疗AI决策的法律责任窗口存在实质性重叠。

医疗过失诉讼时效制度造成了不可忽视的差距。在大多数司法管辖区，临床过失的标准诉讼时效从损害发生或发现之日起两到七年。对于与儿科患者一起部署的医疗AI，发现规则可能进一步延长潜在责任——婴幼儿期受到医疗AI决策损害的孩子可能要到成年后才能提起索赔。长期护理关系增加了进一步的复杂性：多年护理过程第一年作出的决策，可能在护理结束时仍与责任评估相关。医疗AI决策的法律生命周期不是一个干净关闭的短窗口，它可以是漫长的、不确定的，并可能被延长。

问责视野问题就在这两条曲线的交叉点出现。在2031年或2033年为2026年医疗AI决策进行辩护的医疗机构面临一个具体而现实的挑战：如果量子计算已发展到能够破解锚定该决策审计记录的签名方案，机构将无法以密码学方式证明记录事后未被更改。签名日志条目——"AI建议X，由临床医生Y接受，时间戳Z，在模型版本W下"——不再是证明，而只是一个断言。断言可以是正确的，但无法针对篡改进行验证。最初用于证明部署医疗AI合理性的问责结构——我们将永远能够看到它决策了什么以及为什么——在最需要它的时刻无法获得。

这与更常见的后量子风险框架中的机密性威胁是不同的问题。"现在收集、以后解密"攻击针对的是必须保持秘密的数据。问责视野问题针对的是必须保持可证明真实性的数据。一个在决策时被正确做出、正确记录、正确签名的护理决策，可能在未来法律诉讼中变得无法证明——不是因为记录被隐藏，而是因为记录未被篡改的证明已变得不可验证。决策是正确的，记录是准确的，证明链已经到期。

干预需要同时在多个层面解决问题。对于正在进行的签名，医疗AI审计基础设施应开始向后量子签名方案迁移——NIST已标准化的算法族，旨在抵御量子计算机攻击保持安全。对于现有记录，组织需要考虑在经典签名仍可验证时用后量子签名重新签署历史审计日志，创建双重签名链，其真实性能够在密码学过渡中存续。对于硬件，锚定医疗AI审计记录的签名密钥应存放在支持算法迁移而无需密钥提取的硬件安全模块中——这是必须在采购时而非事后补救时确定的需求。

这些干预措施都不是无摩擦的。重新签署历史记录需要证明重新签署发生在原始签名仍然有效的时刻——这本身需要来自可信来源的时间戳，而该来源自身的可信度也需要在同一时间窗内保持可验证。算法迁移要求医疗AI堆栈中的每个组件——包括第三方集成、供应商管理存储中的归档记录以及使用审计数据的下游临床系统——都支持新方案。多年迁移的运营范围巨大，而在风险变得无可否认之前就启动的动力从结构上来说本就薄弱。

问责视野问题不是可以推迟到量子计算成为近期运营事实时再处理的未来风险。今天部署的医疗AI正在经典密码学下积累审计记录。具有最长潜在法律责任的决策——那些涉及儿科患者、潜伏期疾病、多年护理关系或高风险临床阈值的决策——现在正在被记录。等到量子过渡变得无可否认再解决审计基础设施的组织，将在最需要那些记录时发现，证明链已经关闭。

醫療AI系統生成具有持久後果的決策——藥物調整、跌倒風險升級、臨床警報閾值。為使這些決策能夠接受問責，它們必須具有可歸因性：未來的調查必須能夠確定AI到底決策了什麼、基於什麼輸入、在哪個模型版本下、是否有人工覆蓋，以及發生在何時。使歸因得以實現的機制是密碼學稽核完整性。數位簽章將每條決策記錄綁定到產生它的特定系統狀態。防篡改日誌確保記錄事後無法被修改。監管鏈是密碼學的。

問題在於，密碼學保證有生命週期。使用當前演算法生成的數位簽章無法無限期保持可驗證性。支撐當今大多數醫療稽核基礎設施的兩類演算法族——RSA和橢圓曲線數位簽章——容易受到量子攻擊。積極的研究項目正在推進將能夠破解它們的量子計算能力。保守預測表明這些能力將在十年內到來；樂觀預測將這一窗口進一步壓縮。兩者都與治理醫療AI決策的法律責任窗口存在實質性重疊。

醫療過失訴訟時效制度造成了不可忽視的差距。在大多數司法管轄區，臨床過失的標準訴訟時效從損害發生或發現之日起兩到七年。對於與兒科患者一起部署的醫療AI，發現規則可能進一步延長潛在責任——嬰幼兒期受到醫療AI決策損害的孩子可能要到成年後才能提起索賠。長期護理關係增加了進一步的複雜性：多年護理過程第一年作出的決策，可能在護理結束時仍與責任評估相關。醫療AI決策的法律生命週期不是一個乾淨關閉的短窗口，它可以是漫長的、不確定的，並可能被延長。

問責視野問題就在這兩條曲線的交叉點出現。在2031年或2033年為2026年醫療AI決策進行辯護的醫療機構面臨一個具體而現實的挑戰：如果量子計算已發展到能夠破解錨定該決策稽核記錄的簽章方案，機構將無法以密碼學方式證明記錄事後未被更改。簽章日誌條目——「AI建議X，由臨床醫生Y接受，時間戳Z，在模型版本W下」——不再是證明，而只是一個斷言。斷言可以是正確的，但無法針對篡改進行驗證。最初用於證明部署醫療AI合理性的問責結構——我們將永遠能夠看到它決策了什麼以及為什麼——在最需要它的時刻無法獲得。

這與更常見的後量子風險框架中的機密性威脅是不同的問題。「現在收集、以後解密」攻擊針對的是必須保持秘密的資料。問責視野問題針對的是必須保持可證明真實性的資料。一個在決策時被正確做出、正確記錄、正確簽章的護理決策，可能在未來法律訴訟中變得無法證明——不是因為記錄被隱藏，而是因為記錄未被篡改的證明已變得不可驗證。決策是正確的，記錄是準確的，證明鏈已經到期。

干預需要同時在多個層面解決問題。對於正在進行的簽章，醫療AI稽核基礎設施應開始向後量子簽章方案遷移——NIST已標準化的演算法族，旨在抵禦量子計算機攻擊保持安全。對於現有記錄，組織需要考慮在經典簽章仍可驗證時用後量子簽章重新簽署歷史稽核日誌，創建雙重簽章鏈，其真實性能夠在密碼學過渡中存續。對於硬體，錨定醫療AI稽核記錄的簽章金鑰應存放在支援演算法遷移而無需金鑰提取的硬體安全模組中——這是必須在採購時而非事後補救時確定的需求。

這些干預措施都不是無摩擦的。重新簽署歷史記錄需要證明重新簽署發生在原始簽章仍然有效的時刻——這本身需要來自可信來源的時間戳，而該來源自身的可信度也需要在同一時間窗內保持可驗證。演算法遷移要求醫療AI堆疊中的每個元件——包括第三方整合、供應商管理儲存中的封存記錄以及使用稽核資料的下游臨床系統——都支援新方案。多年遷移的運營範圍巨大，而在風險變得無可否認之前就啟動的動力從結構上來說本就薄弱。

問責視野問題不是可以推遲到量子計算成為近期運營事實時再處理的未來風險。今天部署的醫療AI正在經典密碼學下積累稽核記錄。具有最長潛在法律責任的決策——那些涉及兒科患者、潛伏期疾病、多年護理關係或高風險臨床閾值的決策——現在正在被記錄。等到量子過渡變得無可否認再解決稽核基礎設施的組織，將在最需要那些記錄時發現，證明鏈已經關閉。