# SCRIMED Build Roadmap

Status: scrimed-build-roadmap-active-no-phi
Updated: 2026-06-30
Route: /scrimed-build-roadmap
API: /api/scrimed-build-roadmap

## Boundary
SCRIMED Build Roadmap is a no-PHI, architecture-and-governance planning layer. It does not authorize live PHI, autonomous diagnosis, treatment, prescribing, patient outreach, payer submission, billing submission, EHR writeback, production connector use, certification claims, clinical validation claims, compliance completion claims, or customer go-live.

## Directives
- Treat LLMs as the interface layer, not the whole system. Domain: ai-interface. Next: Add interface-layer tags to model routes so every AI output declares draft, recommendation, or metadata-only status.
- Add world-model/context layers for messy healthcare data. Domain: context-world-model. Next: Create synthetic world-model fixtures for time-series, geography, physical constraints, payer rules, workflow state, and patient journey state.
- Build active ontology + semantic graph for clinical, payer, RCM, patient-access, and operations logic. Domain: semantic-graph. Next: Extend the TrustOps semantic graph with ontology node types for payer rules, RCM denial logic, access queues, workforce capacity, and resource constraints.
- Store agent reasoning traces, audit logs, and decisions as long-term memory. Domain: memory-audit. Next: Map TrustOps review packets and execution-attempt durable envelopes into a shared long-term decision-memory contract.
- Add dynamic context injection: deep reasoning at session start, skill/module listing every turn, and task reminders updated every turn. Domain: context-injection. Next: Create a per-turn context manifest schema with selected modules, skill list, active reminders, omitted context, safety boundaries, and evidence refs.
- Avoid the self-correction trap: never trust model self-verification alone; validate with schemas, evidence, external data, rules, and human review. Domain: validation-governance. Next: Promote schema, evidence, rules, external-data hooks, and reviewer disposition into a release gate for all TrustOps and module briefs.
- Add workforce/talent module for healthcare hiring, onboarding, vacancy-risk, and labor-cost savings. Domain: workforce-talent. Next: Add workforce/talent registry entries to TrustOps with synthetic vacancy-risk and onboarding-readiness signals.
- Add project/resource management module tracking compute, storage, quota, model usage, pipeline cost, and agent workload. Domain: resource-management. Next: Bind model usage, pipeline cost, quota, storage, and agent workload to the TrustOps Signal Engine as synthetic cost-risk signals.
- Build toward healthcare world models: time-series, geography, physical constraints, clinical workflow state, payer rules, and patient journey state. Domain: healthcare-world-model. Next: Create the first synthetic world-model test suite covering temporal order, facility geography, physical capacity, payer rules, and journey state.
- Add benchmark layer for structured outputs, schema fidelity, reasoning validity, and operational accuracy. Domain: benchmarking. Next: Add benchmark dimensions to the TrustOps registry and require benchmark status in every build-roadmap release summary.

## Priority Stack
SCRIMED must be a governed healthcare meta-harness: orchestrating agents, data, documentation, evidence, and outcomes with human oversight at every high-stakes step.

- P0 Omnigent-style Meta-Harness: Unify coding, clinical, documentation, evidence, and operations agents under one orchestrator with shared sessions, guardrails, policies, auditability, and approval gates. Next: Bind Agent Runtime, TrustOps, Intelligence Platform evaluator, and Dynamic Context Injection into one metadata-only orchestration contract.
- P0 Documentation-Before-Authorization Engine: Detect prior-authorization documentation gaps before submission, including symptom language, functional status, visit timing, medical-necessity phrasing, policy criteria, and denial risk. Next: Create synthetic prior-auth documentation gap fixtures and connect them to TrustOps reviewer queues.
- P1 Edge Clinical Trial Evidence Layer: Prepare site/device-level trial evidence capture that can validate, hash, and sync decentralized-trial metadata without exposing live participant data. Next: Add a metadata-only edge trial evidence envelope to the Clinical Memory Graph and Evidence Binding layer.
- P0 On-Device De-Identification: Move PHI detection/redaction toward local browser, Mac, and mobile-capable preprocessing for documents and messages before any external inference path. Next: Define a local de-identification manifest schema and no-secret fixture set for all supported document families.
- P0 Clinical AI Benchmark Lab: Measure SCRIMED against general models by specialty using physician-style grading dimensions without claiming clinical validation. Next: Extend ClinicalBench with specialty rubrics and evaluator outputs that preserve evidence, uncertainty, and reviewer status.
- P0 Automation Orchestrator: Advance SCRIMED from chatbot UX toward governed workflow execution with tool calls, retries, approvals, audit logs, and rollback plans. Next: Promote existing execution-attempt envelopes into a deterministic workflow-orchestration contract.
- P1 Pre-Indexed Intelligence: Reduce thin-connector dependency by building ingest-time pipelines with enriched indexes, provenance, grounding, and retrieval evaluation. Next: Add pre-indexed intelligence requirements to Clinical Data Fabric and TrustOps retrieval-evaluation contracts.
- P1 AI Medical Education Layer: Expand SCRIMED University into clinician training, AI literacy, skill assessment, feedback loops, and personalized learning paths. Next: Add SCRIMED University assessment metadata and feedback loops to the product readiness registry.

## Omnigent-Style Meta-Harness
SCRIMED Meta-Harness is a synthetic/no-PHI orchestration control plane for coding, clinical, documentation, evidence, operations, and trust/safety agents. It coordinates shared sessions, policies, guardrails, permissions, human approval gates, and audit metadata. It does not process live PHI, grant autonomous clinical authority, submit payer work, write to EHRs, activate production connectors, log raw payloads, or execute protected actions.

- meta-harness-low-risk-code-review: human_review_required. Approval gate: human_review_required. Blocked: none.
- meta-harness-clinical-review-packet: human_review_required. Approval gate: human_review_required. Blocked: none.
- meta-harness-blocked-protected-action: blocked. Approval gate: blocked_before_execution. Blocked: blocked tool: payer_submission, blocked tool: patient_outreach, blocked tool: ehr_writeback, blocked tool: raw_payload_logger, protected action attempt blocked.

## Pre-Indexed Intelligence
Pre-Indexed Intelligence is a synthetic/no-PHI, metadata-only ingest-time intelligence scaffold. It preserves document structure, provenance, grounding metadata, and retrieval evaluation for future Clinical Data Fabric and TrustOps workflows. It does not ingest live PHI, store raw connector payloads, expose raw schemas to agents, approve production connectors, make clinical recommendations, submit payer work, contact patients, or write back to EHRs.

- patient_matching: needs_review. Grounding 64. Traceability 70. Human review required: yes.
- document_similarity: needs_review. Grounding 57. Traceability 70. Human review required: yes.
- clinical_retrieval: needs_review. Grounding 61. Traceability 70. Human review required: yes.
- payer_policy_lookup: needs_review. Grounding 55. Traceability 70. Human review required: yes.
- recommendation_search: needs_review. Grounding 58. Traceability 70. Human review required: yes.

## Documentation-Before-Authorization Engine
Documentation-Before-Authorization Engine is synthetic/no-PHI pre-submission intelligence. It can identify documentation gaps, draft reviewer packets, and estimate prior-auth risk for demo workflows only. It does not submit prior authorizations, file claims, determine medical necessity, provide legal advice, contact payers, write to EHRs, or use live patient data.

- doc-auth-afib-ablation-synthetic-gap: blocked_before_submission. Missing: Symptom language, Functional status, Visit timing, Recent visit note, Reviewer attestation. Payer submission allowed: no.
- doc-auth-imaging-synthetic-review-ready: review_ready. Missing: none. Payer submission allowed: no.

## On-Device De-Identification
On-Device De-Identification is a synthetic/no-PHI local-first privacy scaffold for browser, Mac, and iPhone-capable preprocessing. It emits metadata-only redaction manifests for PDFs, scans, images, HL7 v2, CDA, FHIR, CSV, NDJSON, and chat logs. It does not store raw payloads, process live PHI, send data to external inference, certify de-identification, or authorize production connector use.

- deid-pdf-synthetic-intake: manual_verification_required. Type: pdf. External inference allowed: no. Raw payload stored: no.
- deid-scan-synthetic-referral: manual_verification_required. Type: scan. External inference allowed: no. Raw payload stored: no.
- deid-image-synthetic-card: manual_verification_required. Type: image. External inference allowed: no. Raw payload stored: no.
- deid-hl7-v2-synthetic-adt: manual_verification_required. Type: hl7_v2. External inference allowed: no. Raw payload stored: no.
- deid-cda-synthetic-summary: manual_verification_required. Type: cda. External inference allowed: no. Raw payload stored: no.
- deid-fhir-synthetic-bundle: manual_verification_required. Type: fhir. External inference allowed: no. Raw payload stored: no.
- deid-csv-synthetic-roster: manual_verification_required. Type: csv. External inference allowed: no. Raw payload stored: no.
- deid-ndjson-synthetic-export: manual_verification_required. Type: ndjson. External inference allowed: no. Raw payload stored: no.
- deid-chat-log-synthetic-support: manual_verification_required. Type: chat_log. External inference allowed: no. Raw payload stored: no.

## Modules
- Dynamic Context Injection Engine: Inject session-start planning summaries, per-turn module/skill listings, active task reminders, omitted context, and safety boundaries into agent runs.
- Active Ontology + Semantic Graph: Represent clinical, payer, RCM, patient-access, operations, workforce, resource, and governance logic as typed graph nodes and constrained relationships.
- Decision Memory Ledger: Store metadata-only decision memory for agent runs, audit logs, evidence refs, policy refs, model route, reviewer disposition, and outcome labels.
- Workforce / Talent Intelligence: Model healthcare hiring, onboarding, vacancy risk, credential readiness, training readiness, staffing capacity, and labor-cost savings assumptions.
- Project / Resource Management Intelligence: Track compute, storage, quota, model usage, pipeline cost, agent workload, reviewer load, and tenant capacity.
- Operational Benchmark Layer: Benchmark structured outputs, schema fidelity, evidence grounding, reasoning-summary validity, semantic consistency, and operational accuracy.

## World Model Layers
- Time-Series Layer: Tracks temporal order, trends, delays, sequence conflicts, freshness, seasonality, and state changes.
- Geography Layer: Models site, service area, region, distance, jurisdiction, care availability, and local operating constraints.
- Physical Constraints Layer: Represents rooms, staff, equipment, modality capacity, appointment slots, and operational bottlenecks.
- Clinical Workflow State Layer: Tracks draft, review, escalation, signoff, blocked state, evidence sufficiency, and clinical risk labels.
- Payer Rules Layer: Represents synthetic payer policy requirements, prior-auth criteria, denial logic, and documentation checklists.
- Patient Journey State Layer: Models synthetic journey milestones, handoffs, care gaps, preferences, access state, and continuity risk.

## Benchmarks
- Structured Output Fidelity: Generated output validates against typed schema with required safety and evidence fields.
- Schema Fidelity: All structured values conform to expected enum, score, and timestamp rules.
- Reasoning Validity: Rationale summary is evidence-grounded, rule-consistent, and routed to review when uncertain.
- Operational Accuracy: Output matches expected synthetic workflow state, owner, and allowed next action.
- Semantic Graph Consistency: Graph paths use valid ontology types and expose conflicts.

## GO / NO-GO
- GO for no-PHI roadmap architecture, synthetic fixtures, internal build planning, schema and benchmark design, module registry updates, and investor/buyer diligence explanation.
- NO-GO for live PHI, autonomous diagnosis, treatment, prescribing, patient outreach, payer submission, billing submission, EHR writeback, production connector use, certification claims, compliance completion claims, clinical validation claims, or customer go-live.

## Validation
- PASS all-user-directives-applied: All 10 requested build-roadmap directives must be represented.
- PASS llms-interface-not-whole-system: LLMs must remain the interface layer, while deterministic systems own state, policy, and execution boundaries.
- PASS self-correction-not-trusted-alone: Model self-verification cannot be sufficient without schema, evidence, rule, and human review checks.
- PASS world-model-layers-covered: Healthcare world models must include time-series, geography, physical constraints, clinical workflow, payer rules, and patient journey state.
- PASS workforce-and-resource-modules-present: Roadmap must include workforce/talent and project/resource management modules.
- PASS benchmark-dimensions-present: Benchmark layer must cover structured outputs, schema fidelity, reasoning validity, and operational accuracy.
- PASS priority-stack-items-present: Priority stack must include meta-harness, documentation-before-authorization, edge trial evidence, on-device de-identification, Clinical AI Benchmark Lab, Automation Orchestrator, Pre-Indexed Intelligence, and AI Medical Education.
- PASS governed-healthcare-meta-harness-principle: SCRIMED must orchestrate agents, data, documentation, evidence, and outcomes with human oversight at every high-stakes step.
- PASS priority-stack-boundaries-preserved: Every priority-stack item must preserve blocked production authority and include validation methods.
- FAIL no-phi-and-no-autonomous-actions: Every roadmap directive must retain no-PHI or synthetic-only boundaries.

## Next Build Step
Implement the Dynamic Context Injection Engine and Operational Benchmark Layer first, then connect workforce/resource synthetic signals to TrustOps before any broader automation expansion.
