Skip to case study content
Projects

Case Study

AI Clinic Operations Copilot

Contact
Production case study

AI Clinic Operations Copilot

Compliance-First Dental EHR

Compliance-first dental EHR for Colombia — immutable clinical folios, certified digital signatures, FHIR RDA to MinSalud, and production-grade AWS infrastructure.

Next.jsFastAPIPostgreSQLAWSDocker
AI Clinic Operations Copilot product preview
Role
Full Stack Engineer
Domain
Healthcare / Regulatory Compliance
Users
Dental clinic staff
Market
Colombia
Stack
Next.js · FastAPI · PostgreSQL · Celery · FHIR · Docker
Continue to demo

Product demo

Problem

In Colombia, a dental health record is a legal document — not a CRUD form — and non-compliance can shut the clinic down.

Many dental practices still rely on paper records or systems that fail electronic health record, data protection, and national interoperability requirements.

The compliance gap

Regulatory risk is existential for clinic owners — not an IT nice-to-have.

Fines can reach 2,000 SMLMV. Health authorities can suspend or close operations. The IHCE integration deadline via FHIR RDA (Resolution 1888/2025) has already passed for clinics still on paper or non-compliant software.

The product challenge was not building another clinic admin panel. It was encoding Colombian law into software: append-only records, traceable corrections, certified signatures, immutable audit trails, official catalogs, and government interoperability.

Understand the stakesThen see the compliance engine

Solution

A compliance-first clinical operations loop — not a generic healthcare CRUD app.

The platform enforces Colombian health and data-protection law at every step: admit, consent, document, sign, interoperate, audit, retain, and deliver.

01

Admit

Receptionist registers the patient with a minimal admission master — ID, names, birth date, DANE location, contact — validated against official catalogs.

02

Consent

Patient grants informed consent in-clinic on tablet. Staff acts as witness. No clinical folio can open without valid data-treatment consent.

03

Folio

Dentist opens a draft folio: clinical sections, CUPS treatment plan, and FDI odontogram. Draft persisted as encrypted JSON until signed.

04

Interoperate

On certified signature, the platform builds an RDA FHIR bundle, submits to IHCE, stores the VIDA, and logs the full audit trail.

Capabilities behind the journey

Append-only clinical folios

Signed records are never modified. Corrections are new folios referencing the original — legally defensible and audit-ready.

Certified digital signatures

Treating professionals sign with Colombian CA tokens (PKCS#7/CAdES). Server verifies chain, revocation, and identity before closing a record.

In-clinic informed consent

Patients sign on tablet with staff witness. HMAC-sealed signatures with full audit trail — no paper, no lost authorizations.

FHIR RDA interoperability

Every signed visit generates a BundleAmbulatoryRDA and submits to MinSalud IHCE. VIDA acknowledgment stored as proof of acceptance.

Regulatory catalogs

CIE-10, CUPS, CUM, CIUO, ISO 3166, and DANE are first-class reference data — not free-text where the law requires a catalog.

Immutable audit trail

Every read, write, export, and correction on clinical data is logged with user, action, entity, before/after values, IP, and timestamp.

Impact

Operate legally or close — compliance targets are non-negotiable.

The platform is built around measurable compliance KPIs that determine whether a clinic can keep its license to operate.

01 - Risk

Paper records and non-compliant systems expose clinics to fines up to 2,000 SMLMV, suspension, and closure by health authorities.

02 - Intervention

Law encoded into software: append-only folios, certified signatures, FHIR RDA automation, and immutable audit evidence.

03 - Outcome

A real dental clinic operates on production AWS infrastructure with electronic health records that satisfy Colombian interoperability and data-protection requirements.

Compliance & delivery KPIs

100%

Certified signatures

Target: every closed clinical record carries a valid certified digital signature from the treating professional.

≥ 99%

RDA / VIDA acceptance

Target: signed visits with RDA submitted and VIDA received, allowing for transient MinSalud failures with retries.

100%

Consent before care

Target: valid informed consent captured before any clinical folio can be opened.

Healthcare CRUD is not enough

The platform reframes clinic software from an admin panel into a regulatory compliance system that happens to manage patients.

Architecture

How the compliance engine is built — and shipped to production.

Stack, security, clinical workflows, data model, cloud infrastructure on AWS, and the CI/CD deployment pipeline.

System Overview

Staff actions flow through Next.js, FastAPI, PostgreSQL, and Celery workers — with every sensitive operation audited and RDA submission decoupled via transactional outbox.

Staff UI
FastAPI
PostgreSQL
Celery
Amazon S3
AWS Production
MinSalud IHCE
LayerRole
Staff UIClinical folios, odontogram, consent tablet, compliance dashboard.
FastAPIRBAC, use cases, signature verification, OpenAPI contracts.
PostgreSQLClinical records, audit logs, catalogs, outbox events.
CeleryRDA submission, retention classifier, outbox dispatch.
Amazon S3Radiographs, consent images, and FHIR bundle archives in production.
AWS ProductionEC2 hosts Docker Compose stack; RDS for PostgreSQL; ECR for images; IAM roles for S3 access.
MinSalud IHCEFHIR RDA submission and VIDA acknowledgment.
Next.jsFastAPIPostgreSQLCeleryRedisAWSS3FHIR

Decisions

Lessons

Repeat

What is worth carrying into the next regulated product.

  • Constitution-driven development (business rules + technical constitution) prevented shortcuts that would violate compliance.
  • The folio model maps directly to how Colombian law thinks about clinical records — chronological, signable sheets.
  • Transactional outbox decoupled sign operations from IHCE availability without losing RDA submissions.
  • EC2 + ECR + Docker Compose on AWS gave production parity with local dev — same topology, automated via GitHub Actions.

Refine

What deserves another iteration.

  • Operational runbooks for backup, monitoring, and disaster recovery on RDS and EC2.
  • Compliance dashboard polish — RDA/VIDA status semaphores and retention archive visibility for administrators.
  • Playwright e2e coverage for the full sign → RDA → export flow in CI.

Transfer

What changed my engineering judgment.

  • In regulated domains, compliance is the product — not a checkbox added after the CRUD is done.
  • Law shapes the data model: append-only, rectification-as-new-record, and retention stages are schema decisions, not preferences.
  • Interoperability is a pipeline (FHIR profiling, OAuth2, retries, VIDA, clarifying notes) — not a single API endpoint.
  • Shipping regulated healthcare software to AWS taught me that CI/CD and IAM matter as much as the domain model.

Next step

Want the compliance architecture details?

Explore the repository or reach out if you want to talk through append-only clinical records, FHIR interoperability, or regulated full-stack design.