SCRIMED Omega Platform Audit
Every SCRIMED product now has a product-grade audit, safety boundary, proof route, and upgrade lane.
This control plane discovers SCRIMED products, modules, agents, workflows, APIs, UI surfaces, backend processes, and infrastructure components, then audits each product across architecture, debt, performance, security, clinical safety, accessibility, scalability, maintainability, reliability, user experience, developer experience, and compliance.
Operating boundary
Omega is an execution control plane, not approval authority.
SCRIMED Omega Platform Audit is a no-PHI, no-live-care, readiness-only engineering control plane for product discovery, audit findings, upgrade lanes, and proof routing. It does not authorize PHI processing, live clinical care, autonomous diagnosis, autonomous treatment, autonomous prescribing, autonomous billing, payer submission, EHR writeback, production connector activation, public API SLA, legal advice, accounting advice, tax advice, audited financial reporting, securities material, regulatory approval, HIPAA certification, SOC 2 certification, HITRUST certification, FDA clearance, ONC certification, security certification, accessibility certification, or buyer release.
Discovered platform surface
Products, modules, services, APIs, agents, workflows, UI routes, backend processes, and infrastructure are now visible together.
Products
SCRIMED OS, Sanar AI, MyVitals AI, DocuTwin, Ambient Scribe, CareExplain, Perfect Chart, Clinical Copilot, Contact Center AI, Patient Education, TrialCore, OncoID, Trust Engine, Trust Dashboard, Clinical Intelligence Platform, Imaging Platform, Referral Intelligence, Prior Authorization, Revenue Cycle, Payer Intelligence, Population Health, Clinical Research, Provider Dashboard, Executive Dashboard, Admin Console, Patient Portal, SCRIMED University, Atlas Platform, Mobile Applications, Agent Marketplace, Internal Operations Platform
Modules
AgentOS, Atlas Intelligence Core, TrustOS, Healthcare Intelligence OS, Workflow Engine, Health Records Safety Exchange, Interoperability Registry, Protected Pilot Workspace
Services
Product Console, Service Delivery, Launch Readiness, Client Onboarding, Enterprise Business Ops, Enterprise Scalability, Operational Efficiency, Release Continuity
APIs
/api/product/console, /api/production-architecture, /api/healthcare-intelligence-os, /api/agent-os, /api/pilot-workspaces, /api/health-records, /api/workflows/executions, /api/synthetic/fixtures, /api/workflows/results, /api/agent-os/evaluation, /api/workflows/results/validation, /api/clinical-authority-readiness, /api/trust-os, /api/client-onboarding, /api/service-delivery, /api/sales-operations
Agents
orchestration agent, trust agent, release reviewer, Sanar AI agent, clinical verifier, trust reviewer, patient education agent, clinical safety verifier, engagement reviewer, DocuTwin agent, documentation verifier, source evidence agent, ambient documentation agent, coding support agent, education agent, readability verifier, clinical reviewer, chart quality agent, coding verifier, evidence agent, clinical copilot agent, evidence verifier, safety reviewer, contact center agent, routing verifier, communication reviewer, translation reviewer, trial matching agent, evidence grader, research reviewer, oncology agent, genomics evidence agent, clinical trials reviewer, policy verifier, audit reviewer, evidence room agent, claim guard, clinical orchestrator, safety verifier, radiology agent, imaging verifier, model deployment reviewer, referral agent, network matching verifier, access reviewer, prior authorization agent, policy evidence agent, payer reviewer, revenue cycle agent, coding support verifier, finance reviewer, PayerIQ, appeals reviewer, population analyst, equity reviewer, research agent, provider workflow agent, executive analyst, proof reviewer, release advisor, admin reviewer, access governance agent, audit verifier, patient portal agent, education verifier, safety escalation agent, training agent, content reviewer, compliance reviewer, Atlas evidence agent, governance agent, deployment planner, mobile workflow agent, offline sync verifier, security reviewer, marketplace reviewer, tool authorization verifier, sandbox runner, operations analyst, reliability reviewer, boundary resolver
Workflows
product-to-proof routing, release readiness, buyer diligence, draft clinical support, safe escalation, review-gated patient education, vitals trend explanation, follow-up prompt draft, RPM escalation planning, draft note review, structured note validation, review disposition, conversation capture planning, draft note generation, follow-up plan draft, education draft, follow-up explanation, reviewed message packet, chart gap detection, missing documentation queue, human review disposition, draft recommendation support, evidence card review, clinical escalation, call summary draft, routing recommendation, follow-up queue, readability review, approved send packet, eligibility screen, trial matching draft, research review packet, oncology evidence card, trial eligibility draft, human oncology review, trust card generation, claim guard review, release proof review, procurement evidence review, claim review, buyer proof release, clinical summary draft, handoff planning, quality review, imaging triage planning, segmentation workflow draft, radiologist review queue, referral intake, provider matching draft, closed-loop feedback, prior auth packet draft, coverage policy review, human submission queue, denial analysis draft, appeal packet draft, human billing review, policy source review, appeal evidence draft, payer friction analysis, cohort insight draft, engagement planning, quality review queue, hypothesis to evidence, guideline comparison, human research review, review queue, draft approval, escalation disposition, company assessment, investor packet, launch go/no-go review, tenant access review, role assignment, offboarding planning, education review, appointment guidance draft, follow-up plan explanation, training module draft, operator checklist, partner readiness packet, evidence mapping, Trust Card generation, deployment readiness, offline task review, mobile approval, sync reconciliation, agent submission review, permission approval, governance pack release, issue triage, resolution sprint, release checkpoint
Backend processes
AAL2 durable-store smoke, nonsecret test suite, public production smoke, contract checks, protected workspace audit, release checkpoint
Infrastructure
Next.js App Router, Vercel production deployment, Supabase Auth and Postgres, Upstash Redis posture, AAL2 protected routes, synthetic fixture contracts
Upgrade lanes
Highest-impact work is now sequenced into clinical robustness, agent runtime, private AI, payer/referral/RCM, observability, and enterprise infrastructure lanes.
Clinical Robustness Lab
Create adversarial, missing-data, conflicting-data, abbreviation, noisy-note, wrong-unit, multilingual, incomplete-record, temporal-inconsistency, and hallucination-risk evals for every clinical product.
- Pattern: synthetic fixtures, evidence cards, human review queues, regression scorecards
- Proof routes: /clinical-production-readiness, /qa-evidence, /healthcare-intelligence-os
- Hard stops: clinical validation claimed, diagnosis implied, treatment implied, reviewer missing
Agent Runtime and MCP Gateway
Standardize agent identity, scoped permissions, tool manifests, OAuth/OIDC handoff, audit logs, revocation, replay traces, and human approval gates.
- Pattern: agent registry, tool registry, permission manifest, AAL2 protected execution, audit event stream
- Proof routes: /agents, /agent-workspace, /production-architecture, /pilot-workspace/access
- Hard stops: tool execution without permission, unscoped token, missing audit event, AAL2 bypass
Private and Edge AI Architecture
Prepare hospital-deployable local inference, local speech, local vision, local imaging, FHIR gateway, private knowledge graph, offline mode, and no-PHI-egress controls.
- Pattern: edge gateway, local model route, FHIR facade, offline sync ledger, data residency policy
- Proof routes: /deployment-profiles, /enterprise-scalability, /platform-power
- Hard stops: PHI leaves environment without approval, local model unapproved, offline sync unencrypted
Payer, Referral, and Revenue Engine
Convert prior auth, referral intelligence, payer intelligence, and revenue cycle into deterministic review-gated workflows with policy evidence, queue states, ROI measurement boundaries, and no-submission controls.
- Pattern: deterministic workflow contracts, policy source registry, review queues, finance methodology gates
- Proof routes: /health-records, /interoperability, /enterprise-business-ops, /growth-engine
- Hard stops: payer submission approved, coverage guaranteed, coding finalized, reimbursement guaranteed
Observability and Progressive Delivery
Attach traces, cost, latency, model route, confidence, reviewer outcome, hallucination risk, PHI exposure risk, feature flags, canaries, and rollback plans to product releases.
- Pattern: trace envelope, feature flag registry, canary scorecard, rollback owner, release health checks
- Proof routes: /observability, /release-continuity, /launch-readiness, /service-reliability
- Hard stops: release without rollback, unobserved protected action, model route unlogged, cost owner missing
Enterprise Infrastructure, IaC, and Disaster Recovery
Move from app-level readiness into Docker, Kubernetes, Terraform, queue workers, Redis, object storage, backups, restore validation, SBOM, and disaster-recovery drills.
- Pattern: container contract, worker pool, IaC plan, backup validation, SBOM and dependency scan
- Proof routes: /production-architecture, /enterprise-scalability, /global-certification-readiness
- Hard stops: DR claimed without restore test, SBOM missing, secret in IaC, multi-region claim without runbook
Twelve-lens audit standard
Every product is inspected against the same production-quality standard.
Owned module boundary, explicit routes, typed data contract, proof route, and no duplicate runtime.
Is the product modular, domain-bounded, and connected to shared SCRIMED trust, context, workflow, and evidence layers?
- No production workflow can launch from an undocumented or ownerless architecture surface.
Known debt has owner, severity, workaround, graduation gate, and test or smoke coverage.
Are gaps, duplicated concepts, missing owners, and temporary workarounds visible and scheduled for resolution?
- Temporary controls cannot become informal approval.
Latency class, expected payload size, async path, cache policy, and degradation path are defined.
Does the product have a latency, batching, caching, queueing, and cost plan appropriate for its workflow?
- No unlimited usage, SLA, or trillion-scale claim without measured production evidence.
RBAC/AAL2 boundary, token redaction, audit route, denied data classes, and incident owner are visible.
Does the product enforce least privilege, AAL2 where protected, audit logging, secret hygiene, and tool authorization?
- No protected action executes without authenticated, authorized, logged human authority.
Clinical risk class, human signoff, refusal path, evidence source handling, and hard stops are defined.
Does the product avoid autonomous clinical authority while retaining uncertainty, evidence, citations, and human review?
- No autonomous diagnosis, treatment, triage, prescribing, routing, or signed clinical documentation.
Primary route exists or has a planned route, copy is scannable, and certification claims remain blocked.
Can the route be navigated, scanned, and reviewed without hidden critical actions or unsupported accessibility claims?
- No WCAG, VPAT, or Section 508 claim without qualified review.
Tenant boundary, async lane, storage class, scale owner, and rollout plan are documented.
Does the product have a tenant, queue, worker, storage, cost, and multi-region readiness path?
- No managed-service or public-scale commitment without staffing, monitoring, and rollback evidence.
Uses shared route, summary, brief, proof, audit, and boundary patterns.
Is the product built from reusable SCRIMED primitives instead of one-off logic?
- No new product may bypass shared TrustOS, AgentOS, QA, and boundary controls.
At least one deterministic contract check or documented smoke path exists before launch language expands.
Does the product have fail-closed behavior, health checks, retry or fallback posture, and smoke coverage?
- No buyer proof claim without a passing smoke, retained evidence, or explicit limitation.
Clear buyer, trigger, outcome, proof route, action, and boundary language.
Can the target buyer understand value, current boundary, next action, and proof path quickly?
- No sales language may imply authority beyond the current gated state.
Typed source, no-secret fixtures, contract check, and local build compatibility.
Can engineers test, extend, and verify the product without secrets or production data?
- No test fixture may contain PHI, secrets, production credentials, or live patient data.
Blocked claims, approval gates, and qualified-review owners are visible.
Are legal, privacy, security, regulatory, billing, reimbursement, and regional claims bounded?
- No certification, regulatory, reimbursement, or legal conclusion is claimed by this software layer.
Product audit registry
SCRIMED products are now scored, bounded, routed, and assigned next actions.
Scores indicate engineering readiness inside the current no-PHI, no-live-care boundary. They are not clinical validation, certification, production approval, or buyer release.
SCRIMED OS
Needs one authoritative product registry that keeps every product in the same audit and upgrade loop.
- Category: operating-system
- Clinical risk: high
- Buyers: enterprise executives, clinical operations, platform leaders
- Capabilities: operating map, proof stack, workflow controls, agent governance
- Agents: orchestration agent, trust agent, release reviewer
- Workflows: product-to-proof routing, release readiness, buyer diligence
- Boundary: synthetic and metadata only until customer authority exists
- Next: attach Omega audit to product console, expand route smoke coverage, add progressive delivery register
- Routes: /hub, /product, /production-architecture, /healthcare-intelligence-os
Sanar AI
Needs specialty-specific eval packs and clinical governance signoff before protected activation.
- Category: clinical-ai
- Clinical risk: critical
- Buyers: clinicians, care teams, clinical operations
- Capabilities: clinical assistance planning, care explanation routing, human review queues
- Agents: Sanar AI agent, clinical verifier, trust reviewer
- Workflows: draft clinical support, safe escalation, review-gated patient education
- Boundary: no live patient data or direct care authority
- Next: add Sanar specialty eval pack, define refusal policy, map clinician signoff workflow
- Routes: /agents, /pilot-workspace/access, /strategic-intelligence
MyVitals AI
No device ingestion, consent, escalation, or patient notification authority is implemented.
- Category: patient-engagement
- Clinical risk: high
- Buyers: patients, RPM teams, population health leaders
- Capabilities: vitals explanation drafts, RPM readiness, patient engagement analysis
- Agents: patient education agent, clinical safety verifier, engagement reviewer
- Workflows: vitals trend explanation, follow-up prompt draft, RPM escalation planning
- Boundary: synthetic vitals only until device, consent, clinical, and customer authority exist
- Next: create synthetic RPM fixture set, define consent ledger, design human escalation queue
- Routes: /healthcare-intelligence-os, /health-records, /clinical-production-readiness
DocuTwin
Needs ambient capture integration and specialty-specific note evals before clinical use.
- Category: documentation
- Clinical risk: high
- Buyers: clinicians, CMIOs, documentation leaders
- Capabilities: draft note review, source trace, missing-data prompts, clinician review
- Agents: DocuTwin agent, documentation verifier, source evidence agent
- Workflows: draft note review, structured note validation, review disposition
- Boundary: synthetic notes and no-PHI excerpts only
- Next: add documentation scorecards, extend missing-data tests, map clinician signoff states
- Routes: /modules/docutwin, /workflows, /synthetic/fixtures, /workflows/results
Ambient Scribe
Needs audio consent, local speech, specialty templates, and signed-note authority gates.
- Category: documentation
- Clinical risk: high
- Buyers: clinicians, documentation teams, ambulatory operators
- Capabilities: conversation topic tracking, note scaffold, coding support draft, human signoff
- Agents: ambient documentation agent, coding support agent, clinical verifier
- Workflows: conversation capture planning, draft note generation, follow-up plan draft
- Boundary: synthetic conversations only; no live recording authority
- Next: add ambient synthetic transcript evals, define consent and retention controls, add signoff state machine
- Routes: /evaluation, /healthcare-intelligence-os, /competitive-intelligence
CareExplain
Needs multilingual readability evals and patient-communication approval queues.
- Category: patient-engagement
- Clinical risk: high
- Buyers: care teams, patient access, patient education leaders
- Capabilities: patient education draft, readability support, source attribution, human approval
- Agents: education agent, readability verifier, clinical reviewer
- Workflows: education draft, follow-up explanation, reviewed message packet
- Boundary: no PHI and no patient-specific advice
- Next: add multilingual education scenarios, add readability scorecards, link to client onboarding drafts
- Routes: /pilot-workspace/access, /healthcare-intelligence-os, /qa-claim-guard
Perfect Chart
Needs specialty chart-completeness benchmarks and EHR sandbox contracts.
- Category: documentation
- Clinical risk: high
- Buyers: clinicians, quality leaders, revenue integrity
- Capabilities: chart completeness checks, missing evidence flags, coding support draft
- Agents: chart quality agent, coding verifier, evidence agent
- Workflows: chart gap detection, missing documentation queue, human review disposition
- Boundary: synthetic chart metadata only
- Next: build synthetic chart gap suite, define chart-signature hard stop, map RCM reviewer handoff
- Routes: /health-records, /workflows/results/validation, /pilot-workspace/access
Clinical Copilot
Needs adversarial clinical robustness lab coverage before protected activation.
- Category: clinical-ai
- Clinical risk: critical
- Buyers: clinicians, clinical governance, health system leaders
- Capabilities: clinical draft support, evidence attribution, review escalation
- Agents: clinical copilot agent, evidence verifier, safety reviewer
- Workflows: draft recommendation support, evidence card review, clinical escalation
- Boundary: synthetic clinical scenarios only
- Next: add missing-data clinical evals, add contradiction checks, map specialty governance owners
- Routes: /modules/clinical-copilot, /clinical-authority-readiness, /trust-os
Contact Center AI
Needs telephony integration plan, consent controls, and escalation handling.
- Category: operations
- Clinical risk: medium
- Buyers: patient access, call center leaders, operations executives
- Capabilities: call intent classification, draft follow-up, scheduling handoff, human approval
- Agents: contact center agent, routing verifier, communication reviewer
- Workflows: call summary draft, routing recommendation, follow-up queue
- Boundary: business workflow and synthetic contact data only
- Next: define call transcript fixture policy, add escalation queue, map scheduling API gates
- Routes: /client-onboarding, /service-delivery, /sales-operations
Patient Education
Needs formal content review queue and multilingual clinical safety checks.
- Category: patient-engagement
- Clinical risk: high
- Buyers: care teams, patient experience, population health
- Capabilities: plain-language draft, source attribution, review gate, multilingual readiness
- Agents: education agent, translation reviewer, clinical verifier
- Workflows: education draft, readability review, approved send packet
- Boundary: general education and synthetic scenarios only
- Next: add education content registry, add multilingual scenarios, add source citation verification
- Routes: /healthcare-intelligence-os, /qa-claim-guard, /client-onboarding
TrialCore
Needs protocol ingestion governance and no-patient-outreach controls.
- Category: research
- Clinical risk: high
- Buyers: research operations, clinical trials, academic medical centers
- Capabilities: eligibility review queue, evidence ranking, human research review
- Agents: trial matching agent, evidence grader, research reviewer
- Workflows: eligibility screen, trial matching draft, research review packet
- Boundary: synthetic eligibility criteria only
- Next: add protocol source registry, add contradiction detection, map IRB/research governance handoff
- Routes: /modules/trialcore, /workflows, /synthetic
OncoID
Requires qualified oncology governance, genomic privacy controls, and specialty evals.
- Category: clinical-ai
- Clinical risk: critical
- Buyers: oncology programs, research teams, precision medicine
- Capabilities: oncology evidence organization, trial matching draft, genomics-aware review planning
- Agents: oncology agent, genomics evidence agent, clinical trials reviewer
- Workflows: oncology evidence card, trial eligibility draft, human oncology review
- Boundary: synthetic oncology cases only
- Next: create oncology synthetic suite, add evidence grading, define genomics data boundary
- Routes: /healthcare-intelligence-os, /clinical-production-readiness, /global-certification-readiness
Trust Engine
Needs immutable external audit sink and tamper-evidence hardening.
- Category: trust-governance
- Clinical risk: medium
- Buyers: security, clinical governance, procurement, executives
- Capabilities: policy checks, evidence cards, audit events, human review status
- Agents: trust agent, policy verifier, audit reviewer
- Workflows: trust card generation, claim guard review, release proof review
- Boundary: metadata, synthetic evidence, and no-secret references
- Next: add immutable log adapter interface, add trust score regression tests, expand claim guard coverage
- Routes: /trust-os, /trust-center, /qa-evidence
Trust Dashboard
Needs role-specific dashboard filters and protected evidence vault UX polish.
- Category: dashboard
- Clinical risk: medium
- Buyers: procurement, security, clinical governance, investors
- Capabilities: evidence review, claims control, readiness status
- Agents: trust reviewer, evidence room agent, claim guard
- Workflows: procurement evidence review, claim review, buyer proof release
- Boundary: metadata-only evidence references
- Next: add trust dashboard route grouping, add procurement filter model, add evidence expiration alerts
- Routes: /trust-center, /trust, /pilot-workspace/access
Clinical Intelligence Platform
Needs continuous clinical robustness lab implementation and reviewer queue.
- Category: clinical-ai
- Clinical risk: critical
- Buyers: CMIOs, clinical operations, quality leaders
- Capabilities: clinical context, guideline retrieval planning, risk and quality intelligence
- Agents: clinical orchestrator, evidence agent, safety verifier
- Workflows: clinical summary draft, handoff planning, quality review
- Boundary: synthetic clinical context only
- Next: add adversarial clinical eval route, add reviewer queue contract, connect source intelligence
- Routes: /healthcare-intelligence-os, /clinical-production-readiness, /clinical-authority-readiness
Imaging Platform
No imaging model runtime, DICOM image store, GPU scheduler, or radiologist validation is implemented.
- Category: imaging
- Clinical risk: critical
- Buyers: radiology, imaging operations, research teams
- Capabilities: imaging workflow planning, DICOM readiness, edge/GPU roadmap
- Agents: radiology agent, imaging verifier, model deployment reviewer
- Workflows: imaging triage planning, segmentation workflow draft, radiologist review queue
- Boundary: synthetic imaging metadata only; no diagnostic inference
- Next: create imaging architecture contract, add DICOM synthetic fixtures, define GPU deployment gate
- Routes: /healthcare-intelligence-os, /production-architecture, /clinical-production-readiness
Referral Intelligence
Needs deterministic ReferralOS workflow engine and wait-time model governance.
- Category: operations
- Clinical risk: high
- Buyers: referral teams, specialty access, network operations
- Capabilities: referral intake, missing information detection, routing rationale, leakage analysis
- Agents: referral agent, network matching verifier, access reviewer
- Workflows: referral intake, provider matching draft, closed-loop feedback
- Boundary: synthetic referral workqueues only
- Next: add referral workflow contract, add leakage dashboard model, define scheduling approval gate
- Routes: /pilot, /product, /healthcare-intelligence-os
Prior Authorization
Needs payer-specific policy source authority and transaction testing.
- Category: payer-rcm
- Clinical risk: high
- Buyers: payer operations, RCM, access teams
- Capabilities: policy evidence, missing documentation, packet readiness, human submission boundary
- Agents: prior authorization agent, policy evidence agent, payer reviewer
- Workflows: prior auth packet draft, coverage policy review, human submission queue
- Boundary: synthetic policy and record metadata only
- Next: add prior auth synthetic packet suite, define payer policy registry, add no-submission smoke
- Routes: /agents/prior-authorization-agent, /interoperability, /health-records
Revenue Cycle
Needs coding expert review queue and X12/payment workflow separation.
- Category: payer-rcm
- Clinical risk: medium
- Buyers: RCM leaders, revenue integrity, finance
- Capabilities: denial root cause, appeal draft, documentation gap, finance methodology gates
- Agents: revenue cycle agent, coding support verifier, finance reviewer
- Workflows: denial analysis draft, appeal packet draft, human billing review
- Boundary: synthetic billing and denial examples only
- Next: add denial appeal evals, define coding review status, add reimbursement no-guarantee tests
- Routes: /agents/revenue-cycle-agent, /enterprise-business-ops, /growth-engine
Payer Intelligence
Needs policy-source registry and payer/trading-partner approval gates.
- Category: payer-rcm
- Clinical risk: medium
- Buyers: payers, plans, benefit operations
- Capabilities: policy evidence, member-experience planning, appeals intelligence, no-submission guard
- Agents: PayerIQ, policy evidence agent, appeals reviewer
- Workflows: policy source review, appeal evidence draft, payer friction analysis
- Boundary: synthetic payer policy and metadata only
- Next: create PayerIQ registry, add policy freshness checks, add RCM no-submission contract
- Routes: /competitive-intelligence, /health-records, /enterprise-business-ops
Population Health
Needs privacy, equity, aggregation, consent, and outreach governance controls.
- Category: clinical-ai
- Clinical risk: high
- Buyers: population health, quality, value-based care
- Capabilities: aggregate trends, risk cohorts, engagement planning, quality signals
- Agents: population analyst, equity reviewer, clinical safety verifier
- Workflows: cohort insight draft, engagement planning, quality review queue
- Boundary: aggregate or synthetic only until approved data rights exist
- Next: add aggregate synthetic datasets, define equity audit lens, create outreach approval gate
- Routes: /healthcare-intelligence-os, /health-records, /clinical-production-readiness
Clinical Research
Needs official literature connectors, citation verification, and research governance queue.
- Category: research
- Clinical risk: high
- Buyers: research administration, sponsors, academic medicine
- Capabilities: hypothesis workflow, literature ranking, trial matching draft, human review
- Agents: research agent, evidence grader, clinical trials reviewer
- Workflows: hypothesis to evidence, guideline comparison, human research review
- Boundary: public literature and synthetic trial examples only
- Next: add research pipeline contract, add citation verification tests, define trial matching refusal rules
- Routes: /modules/trialcore, /healthcare-intelligence-os, /global-reach
Provider Dashboard
Needs authenticated provider identity, task queues, and role-specific UI.
- Category: dashboard
- Clinical risk: high
- Buyers: clinicians, provider groups, practice leaders
- Capabilities: workflow queue, review tasks, evidence cards, signoff states
- Agents: provider workflow agent, trust reviewer, clinical verifier
- Workflows: review queue, draft approval, escalation disposition
- Boundary: synthetic provider workflows only
- Next: design provider task model, add role-based dashboard route, connect human review queue
- Routes: /product, /clinical-production-readiness, /pilot-workspace/access
Executive Dashboard
Needs drill-down ownership, trend snapshots, and board-ready export controls.
- Category: dashboard
- Clinical risk: low
- Buyers: executives, investors, operations leaders
- Capabilities: whole-company score, proof routes, risk summary, next actions
- Agents: executive analyst, proof reviewer, release advisor
- Workflows: company assessment, investor packet, launch go/no-go review
- Boundary: business readiness metadata only
- Next: add trend snapshot ledger, add board packet export, map owner-level remediation
- Routes: /company-assessment, /product, /launch-readiness
Admin Console
Needs full tenant-admin UX, invitation lifecycle, and access-review automation.
- Category: operations
- Clinical risk: medium
- Buyers: tenant admins, operators, security leads
- Capabilities: tenant access, role review, protected proof, operator evidence
- Agents: admin reviewer, access governance agent, audit verifier
- Workflows: tenant access review, role assignment, offboarding planning
- Boundary: tenant metadata and no-secret evidence only
- Next: add admin console route, add invitation workflow, add access review reminders
- Routes: /pilot-workspace/access, /qa-manual-execution-console, /limitations-workarounds
Patient Portal
Requires identity, consent, PHI authorization, accessibility review, and clinical escalation governance.
- Category: patient-engagement
- Clinical risk: critical
- Buyers: patients, care teams, digital front door leaders
- Capabilities: education, follow-up drafts, navigation support, consent-aware interactions
- Agents: patient portal agent, education verifier, safety escalation agent
- Workflows: education review, appointment guidance draft, follow-up plan explanation
- Boundary: no patient account or PHI authority yet
- Next: define patient identity architecture, add consent tracking model, add accessibility audit plan
- Routes: /healthcare-intelligence-os, /client-onboarding, /clinical-production-readiness
SCRIMED University
Needs curriculum registry, content review, and role-based learning paths.
- Category: education
- Clinical risk: low
- Buyers: internal teams, partners, customer operators
- Capabilities: training paths, operator enablement, buyer onboarding, governance education
- Agents: training agent, content reviewer, compliance reviewer
- Workflows: training module draft, operator checklist, partner readiness packet
- Boundary: training content and synthetic examples only
- Next: create curriculum map, add training proof route, define reviewer workflow
- Routes: /global-reach, /service-delivery, /client-onboarding
Atlas Platform
Needs external evidence-room connectors and regional deployment proofs.
- Category: platform
- Clinical risk: medium
- Buyers: health systems, governments, payers, enterprise buyers
- Capabilities: evidence layer, Trust Cards, document intelligence, enterprise governance
- Agents: Atlas evidence agent, governance agent, deployment planner
- Workflows: evidence mapping, Trust Card generation, deployment readiness
- Boundary: synthetic documents and metadata-only references
- Next: add evidence adapter registry, add sovereign deployment checklist, connect to Omega registry
- Routes: /atlas, /global-reach, /deployment-profiles
Mobile Applications
No mobile codebase, offline sync model, device security plan, or app-store compliance path.
- Category: platform
- Clinical risk: high
- Buyers: clinicians, patients, field teams
- Capabilities: offline review, push-safe workflows, edge cache, human approvals
- Agents: mobile workflow agent, offline sync verifier, security reviewer
- Workflows: offline task review, mobile approval, sync reconciliation
- Boundary: no mobile PHI storage until device, MDM, encryption, and consent controls exist
- Next: define mobile architecture, add offline data policy, map push notification hard stops
- Routes: /production-architecture, /enterprise-scalability, /clinical-production-readiness
Agent Marketplace
Needs MCP gateway, tool-level authorization, revocation, and partner review process.
- Category: platform
- Clinical risk: medium
- Buyers: partners, health systems, developers
- Capabilities: agent registry, permission scopes, governance packs, human approval
- Agents: marketplace reviewer, tool authorization verifier, sandbox runner
- Workflows: agent submission review, permission approval, governance pack release
- Boundary: no third-party agent PHI access without explicit approval
- Next: define marketplace submission schema, add permission manifest, add sandbox execution contract
- Routes: /agents, /governance-packs, /production-architecture
Internal Operations Platform
Needs recurring automation, alerting, and dashboard trend retention.
- Category: operations
- Clinical risk: low
- Buyers: internal operators, release leads, founder
- Capabilities: bottleneck resolution, reliability controls, workaround ledger, release evidence
- Agents: operations analyst, reliability reviewer, boundary resolver
- Workflows: issue triage, resolution sprint, release checkpoint
- Boundary: operational metadata only
- Next: add operations score history, define alert thresholds, connect to release-control checklist
- Routes: /operational-efficiency, /service-reliability, /limitations-workarounds
Next highest-impact implementation