# SCRIMED Healthcare Intelligence OS Brief

Status: healthcare-intelligence-os-foundation
Boundary: SCRIMED is currently a governed synthetic pilot and enterprise evaluation operating layer. It does not ingest live PHI, autonomously diagnose, autonomously treat, submit claims, route patients, or execute production clinical workflows.

## Current Architecture
- Framework: Next.js App Router with typed server components and route handlers
- Database: Supabase Auth, Supabase Postgres, and Postgres row-level security for protected pilot workspaces
- Auth: Supabase Auth bearer-token verification for tenant-admin protected pilot operations
- Rate limit: Upstash Redis rate limiting with bounded in-process fallback for protected mutations
- Deployment: Vercel-hosted SCRIMED product app connected from the official Wix website
- Data posture: Synthetic-only public product, demo, pilot, and evidence surfaces; live PHI remains blocked

## Phase Plan
- phase-1: Agent Runtime, Clinical Knowledge Graph, Validation and Trust Lab (foundation-contract) - Make SCRIMED's orchestration, evidence, knowledge, and validation contracts first-class before any live execution.
- phase-2: Persistent Workspace, Multi-Model Router, Sovereign Deployment (foundation-contract) - Enable resumable enterprise workspaces, vendor-neutral AI routing, and deployment profiles for controlled customer environments.
- phase-3: Clinical Intelligence OS, Risk Horizon Engine, Population Intelligence (planned) - Build care-journey, preventive-risk, and population intelligence surfaces after trust, evidence, and governance are verified.
- phase-4: Project Ark Healthcare Intelligence Fabric (planned) - Unify interoperable healthcare intelligence across organizations, regions, workflows, models, and governance systems.

## Phase 1 Foundation
- Agent Runtime: synthetic-agent-platform-ready; 4 control-plane components; 6 specialist services.
- Clinical Knowledge Graph: foundation-contract; 10 standard families; 10 node types.
- Clinical Data Fabric: clinical-data-fabric-control-plane-ready-no-phi; 9 source contracts; 6 semantic mappings; 10 health-graph edge contracts.
- Clinical Context Gateway: clinical-context-gateway-ready-no-phi; 9 context scopes; 13 gateway controls; 5 baseline evaluations.
- Validation and Trust Lab: executable-synthetic-governance-ready; 10 required/controlled fields; 8 TrustOS controls.

## Clinical Data Fabric
- Route: /healthcare-intelligence-os#clinical-data-fabric
- API: /api/clinical-data-fabric
- Brief: /api/clinical-data-fabric/brief
- Data boundary: no-live-phi-control-plane
- Connector authority: not-production-connector-approved
- Agent data authority: semantic-layer-only-no-raw-schema-access
- Live ingestion authority: blocked-pending-customer-authorization
- Validation: passed
- Boundary: SCRIMED Clinical Data Fabric is a no-live-PHI control plane for source contracts, semantic normalization, provenance, governance, and health-graph projection rules. It does not ingest live records, store PHI, expose raw schemas to agents, activate production connectors, submit payer transactions, mutate EHRs, interpret imaging, prescribe, diagnose, treat, contact patients, or approve customer go-live.

## Clinical Data Governance
- Status: clinical-data-governance-policy-engine-ready-no-phi
- Policy version: scrimed-clinical-data-governance-v2026-07-03
- API: /api/clinical-data-governance
- Brief: /api/clinical-data-governance/brief
- Data boundary: metadata-and-policy-only-no-live-phi
- Policy rules: 12
- Baseline evaluations: 5
- Validation: passed
- Boundary: SCRIMED Clinical Data Governance evaluates metadata-only policy requests for purpose of use, role, data class, consent, tenant scope, minimum necessary access, destination, human review, residency, and contract readiness. It does not ingest live records, store PHI, approve production connectors, mutate records, submit payer transactions, contact patients, authorize external model PHI processing, diagnose, treat, prescribe, or approve customer go-live.

## Clinical Context Gateway
- Status: clinical-context-gateway-ready-no-phi
- Version: scrimed-clinical-context-gateway-v2026-07-03
- Envelope version: scrimed-context-envelope-v1
- API: /api/clinical-context-gateway
- Brief: /api/clinical-context-gateway/brief
- Data boundary: governed-semantic-context-only-no-live-phi
- Raw schema access: blocked
- Raw connector payload access: blocked
- Gateway controls: 13
- Baseline evaluations: 5
- Validation: passed
- Boundary: SCRIMED Clinical Context Gateway converts authorized metadata-only requests into governed semantic context envelopes for agents. It does not accept raw patient records, expose raw database schemas, expose raw connector payloads, store PHI, activate production connectors, mutate records, submit payer transactions, contact patients, diagnose, treat, prescribe, interpret imaging, or approve customer go-live.

## Clinical Workflow Automation
- Status: clinical-workflow-automation-synthetic-and-review-gated
- Tracks: 8
- Synthetic-ready tracks: 3
- Patient-safety controls: 39
- Patient-engagement analysis signals: 32
- Interoperability bindings: 28
- Clinician burden-reduction motions: 24
- Operations optimization levers: 26
- Boundary: Clinical workflow automation is limited to synthetic, metadata-only, draft, queueing, readiness, and human-reviewed support until customer clinical scope, privacy/security/legal review, PHI authority, connector approval, clinical governance, monitoring, and go-live approval exist.
- Pre-visit chart prep and gap review (synthetic-ready): Draft-only visit agenda, missing-evidence checklist, and reviewer-ready preparation packet for synthetic or approved sandbox records. Safety: missing-data disclaimer, source attribution required, stale-result flag, clinician-review required, no diagnosis or treatment recommendation Burden reduction: reduce manual chart hunting, compress agenda preparation, turn scattered evidence into a single review list Blocked: live chart pull, patient-specific triage, clinical diagnosis, treatment plan recommendation
- Documentation draft and clerical reduction (design-contract): Draft note scaffold, evidence trail, and coding-adjacent clarification queue without final note signing, EHR filing, or clinical authorship transfer. Safety: draft-only watermark, clinician author remains responsible, source/evidence trail, hallucination and unsupported-claim check, no autonomous note finalization Burden reduction: reduce after-hours documentation backlog, standardize note skeletons, surface incomplete documentation before signoff Blocked: autonomous documentation finalization, EHR filing, clinical authorship transfer, coding finalization
- After-visit follow-up readiness (customer-sandbox-required): Generate no-PHI workqueue plans, draft task categories, and escalation checklists; do not contact patients or route urgent care issues. Safety: urgent/emergency boundary, human outreach approval, patient instruction blocker, task owner required, closed-loop follow-up audit Burden reduction: reduce manual follow-up queue sorting, convert care-plan fragments into worklists, separate administrative follow-up from clinical escalation Blocked: patient outreach, urgent triage, clinical instruction, care-plan mutation
- Referral, prior authorization, and documentation workbench (synthetic-ready): Prepare evidence packet outlines, policy checklists, and status workqueues without payer submission, coverage determination, or claim guarantee. Safety: coverage-decision blocker, payer-submission blocker, policy source attribution, human reviewer approval, no reimbursement guarantee Burden reduction: reduce manual policy lookup, package missing documentation requests, separate clerical payer tasks from clinician review Blocked: payer submission, coverage determination, appeal filing, reimbursement guarantee
- Medication reconciliation safety review (external-review-required): Create safety-review prompts and discrepancy queues without medication advice, interaction claims, prescribing, or patient instructions. Safety: pharmacist/clinician review required, medication-change blocker, source discrepancy flag, interaction-source governance required, patient instruction blocker Burden reduction: reduce medication list comparison work, highlight missing reconciliation evidence, route discrepancy queues to the right reviewer Blocked: medication change recommendation, prescribing, drug interaction claim, patient instruction
- Care-gap and population engagement analysis (design-contract): Produce aggregate or synthetic engagement and workload dashboards, not patient-specific outreach lists or risk prediction. Safety: aggregation threshold, equity review, consent and purpose-of-use gate, no patient-specific scoring, anti-discrimination review Burden reduction: reduce manual quality roster review, separate outreach planning from clinical decision work, prioritize operations bottlenecks before clinician escalation Blocked: patient-specific scoring, automated outreach, risk prediction claim, quality outcome guarantee
- Discharge transition workflow optimization (customer-sandbox-required): Prepare transition checklist and handoff packet templates without discharge instructions, order entry, patient routing, or clinical risk scoring. Safety: pending-result flag, handoff owner required, no discharge instruction generation, readmission-risk claim blocker, post-acute referral authority gate Burden reduction: reduce discharge checklist assembly, surface incomplete handoffs, route administrative barriers before clinician escalation Blocked: discharge instruction generation, order entry, post-acute referral submission, readmission prediction
- Clinician inbox and administrative triage (synthetic-ready): Draft routing labels, response templates, and clerical task groups without patient advice, refill approval, or clinical triage. Safety: clinical intent escalation, urgent symptom blocker, patient advice blocker, human sender approval, message source audit Burden reduction: reduce inbox sorting load, separate clerical messages from clinical review, prepare human-send response drafts Blocked: patient medical advice, refill approval, urgent triage, message sending without human approval

## Production Gates
- TODO: approve licensed clinician validation rubrics before clinical correctness or safety scores are used in care delivery.
- TODO: complete regulatory intended-use review before public claims imply clinical decision support, diagnosis, treatment, or device functionality.
- TODO: approve BAA/DPA, privacy notices, retention schedules, and customer data boundaries before PHI or confidential clinical data.
- TODO: approve durable audit storage, tenant memory retention, deletion, residency, legal-hold, and access-review policies before production workspace persistence.
- TODO: approve model provider contracts, PHI routing policy, regional processing rules, monitoring, and fallback runbooks before production model routing.
- TODO: approve sovereign deployment architecture before customer data is required to stay in a private, government, hospital, edge, or on-prem environment.

## Routes
- OS surface: /healthcare-intelligence-os
- OS API: /api/healthcare-intelligence-os
- Clinical Data Fabric: /healthcare-intelligence-os#clinical-data-fabric
- Clinical Data Fabric API: /api/clinical-data-fabric
- Clinical Data Fabric Brief: /api/clinical-data-fabric/brief
- Clinical Data Governance: /healthcare-intelligence-os#clinical-data-governance
- Clinical Data Governance API: /api/clinical-data-governance
- Clinical Data Governance Brief: /api/clinical-data-governance/brief
- Clinical Context Gateway: /healthcare-intelligence-os#clinical-context-gateway
- Clinical Context Gateway API: /api/clinical-context-gateway
- Clinical Context Gateway Brief: /api/clinical-context-gateway/brief
- Agent Runtime: /agents
- Validation Trust Lab: /trust-os
- Protected Workspace: /pilot-workspace
- Persistent Agent Workspace: /agent-workspace
- Persistent Agent Workspace API: /api/agent-workspace
- Persistent Agent Workspace Proof Packet: /api/agent-workspace/proof-packet