From one country’s records to a global-ready health platform — built for clinicians, not compliance checklists.
The business bottleneck
A growing neurology clinic network was expanding across borders — and their patient data infrastructure wasn't keeping up.
Device data from InBody scanners, retina imagers, and screening booths landed in different places. Clinical notes lived separately from lab results. Consent records weren’t standardized. And as they moved into new EU markets, the question of GDPR compliance, data residency, and audit readiness became impossible to defer.
They needed a real EHR — one purpose-built for screening-focused neurology workflows, not a generic system adapted to fit.
Why off-the-shelf EHRs didn’t fit
- Generic systems aren’t built for multi-device screening workflows
- No native FHIR support means painful integration overhead later
- GDPR compliance can’t be bolted on after the fact
- Multi-country rollout requires localization built into the architecture, not patched in
So we built from the ground up — compliant, connected, and designed to travel.
How we delivered it
We started with the clinical workflow, not the data model.
"The architecture we designed in phase one didn't need surgery for phase two or three — it just needed configuration."
A screening visit has a clear shape: intake and consent, triage and vitals, device capture, clinician review, signed report, follow-up. Every feature we built maps to a real step in that process.
The data layer was built FHIR R4-aligned from the start — Patient, Encounter, Observation, DiagnosticReport — so device integrations, lab connections, and future partners speak a standard language. RabbitMQ handles async device streams. TimescaleDB manages time-series observation data from connected hardware.
GDPR compliance was structural: EU-only data residency, AES-256 encryption at rest, TLS 1.3 in transit, immutable WORM audit logs, MFA for all clinical staff, and role-based access scoped tightly to site and function.
Technology stack categories: Compliance & Security, Application Layer, Database & Caching, Integration.
What really moved the needle
Compliance architecture done right makes expansion cheap.
By designing EU data residency, consent management, and FHIR alignment into the foundation, each new market phase was a configuration rollout — not a re-engineering project.
We also learned that device trust is a clinical problem, not just a technical one. Clinicians need to know where an observation came from before they act on it. Building source provenance into every imported data point — scanner ID, timestamp, technician, site — wasn’t scope creep. It was patient safety.
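The two ideas above, a FHIR R4-aligned data layer (Patient, Encounter, Observation, DiagnosticReport) and source provenance on every imported data point, fit together in one small mapping step. The following is an added Python example, not code from this page or from the clinic's platform: it takes a constructed device message and produces an R4-shaped Observation plus a Provenance resource, refusing the reading outright when scanner, timestamp, technician or site is missing. The device message layout, identifiers, site names and the choice of LOINC coding are assumptions.

```python
"""Added example, not code from the page or the clinic's platform: turn a constructed
device reading into FHIR R4-aligned Observation and Provenance resources so that
scanner, timestamp, technician and site travel with every imported data point.
Identifiers, site names and the device message format are assumptions."""
from datetime import datetime, timezone

# Coding for the metrics a device may report (LOINC 29463-7 is Body weight; the
# metric key names are assumptions about the device feed).
CODINGS = {
    "body_weight_kg": {
        "coding": {"system": "http://loinc.org", "code": "29463-7", "display": "Body weight"},
        "unit": "kg",
    },
}

# Every field that must be present before a reading is accepted into the record.
REQUIRED = ("device_id", "captured_at", "technician_id", "site_id", "patient_id", "metric", "value")

# Constructed message, as a gateway might publish it on an async device queue.
DEVICE_MESSAGE = {
    "device_id": "inbody-scanner-02",
    "captured_at": "2024-03-04T09:12:33Z",
    "technician_id": "tech-0417",
    "site_id": "site-tallinn",
    "patient_id": "pat-000123",
    "metric": "body_weight_kg",
    "value": 72.4,
}


class ProvenanceError(ValueError):
    """Raised when a reading cannot be attributed to a device, person, place and time."""


def parse_capture_time(raw: str) -> datetime:
    """Require a timezone-aware capture time; a naive timestamp is ambiguous across sites."""
    ts = datetime.fromisoformat(raw.replace("Z", "+00:00"))
    if ts.tzinfo is None:
        raise ProvenanceError("capture time must carry a timezone")
    return ts.astimezone(timezone.utc)


def to_fhir(msg: dict) -> tuple[dict, dict]:
    """Map one device reading to (Observation, Provenance); reject it if provenance is incomplete."""
    missing = [k for k in REQUIRED if msg.get(k) in (None, "")]
    if missing:
        raise ProvenanceError(f"reading rejected, missing provenance fields: {missing}")
    if msg["metric"] not in CODINGS:
        raise ProvenanceError(f"reading rejected, unknown metric: {msg['metric']}")
    coding = CODINGS[msg["metric"]]
    captured = parse_capture_time(msg["captured_at"])
    obs_id = f"obs-{msg['device_id']}-{int(captured.timestamp())}"

    observation = {
        "resourceType": "Observation",
        "id": obs_id,
        "status": "preliminary",  # stays preliminary until a clinician reviews it
        "code": {"coding": [coding["coding"]]},
        "subject": {"reference": f"Patient/{msg['patient_id']}"},
        "effectiveDateTime": captured.isoformat(),
        "device": {"reference": f"Device/{msg['device_id']}"},
        "valueQuantity": {
            "value": msg["value"],
            "unit": coding["unit"],
            "system": "http://unitsofmeasure.org",
            "code": coding["unit"],
        },
    }
    # Provenance answers "where did this come from" for the clinician: who operated
    # which device, at which site, and when.
    provenance = {
        "resourceType": "Provenance",
        "target": [{"reference": f"Observation/{obs_id}"}],
        "recorded": datetime.now(timezone.utc).isoformat(),
        "occurredDateTime": captured.isoformat(),
        "location": {"reference": f"Location/{msg['site_id']}"},
        "agent": [
            {"who": {"reference": f"Practitioner/{msg['technician_id']}"}},
            {"who": {"reference": f"Device/{msg['device_id']}"}},
        ],
    }
    return observation, provenance


if __name__ == "__main__":
    obs, prov = to_fhir(DEVICE_MESSAGE)
    print(obs["id"], prov["location"]["reference"])
```

The Observation is created with status `preliminary` so the clinician review step in the visit workflow is what promotes it to `final`; a reading that arrives without a technician or site never enters the record at all, rather than being stored with blank provenance and cleaned up later.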
Finally, role design matters more than people expect. A front desk coordinator who can accidentally access clinical notes is a GDPR incident waiting to happen. Getting least-privilege access right early prevented real-world compliance exposure.
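The role-design point above, together with the role-based access scoped to site and function and the immutable audit logs from the compliance section, can be shown in a few dozen lines. This is an added Python example, not the clinic's code: an access check that requires both a role permission and a site assignment, and that records every allow or deny decision in a hash-chained, append-only log standing in for the WORM store. Role names, resource types and site identifiers are assumptions.

```python
"""Added example, not code from the page or the clinic's platform: least-privilege
checks scoped to both role (function) and site, with every access decision appended
to a hash-chained audit log that stands in for the WORM store. Role names, resource
types and site identifiers are assumptions."""
import hashlib
import json
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Each role sees only what its function needs. The coordinator entry never mentions
# ClinicalNote, so "accidentally" reaching clinical notes is not a possible outcome.
ROLE_PERMISSIONS = {
    "front_desk_coordinator": {
        ("Patient", "read"), ("Patient", "write"),
        ("Appointment", "read"), ("Appointment", "write"),
        ("Consent", "read"),
    },
    "technician": {("Patient", "read"), ("Observation", "write")},
    "clinician": {
        ("Patient", "read"), ("Observation", "read"),
        ("ClinicalNote", "read"), ("ClinicalNote", "write"),
        ("DiagnosticReport", "write"),
    },
}


@dataclass(frozen=True)
class Principal:
    user_id: str
    role: str
    sites: frozenset  # sites this user is assigned to; access elsewhere is denied


@dataclass
class AuditLog:
    """Append-only, hash-chained log: each entry commits to the previous one, so an
    edited or dropped entry breaks verification. This approximates a WORM store in
    memory; a production system writes to immutable storage instead."""
    entries: list = field(default_factory=list)

    def append(self, event: dict) -> str:
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        body = json.dumps({**event, "prev": prev}, sort_keys=True).encode()
        digest = hashlib.sha256(body).hexdigest()
        self.entries.append({**event, "prev": prev, "hash": digest})
        return digest

    def verify(self) -> bool:
        prev = "0" * 64
        for entry in self.entries:
            body = json.dumps({k: v for k, v in entry.items() if k != "hash"},
                              sort_keys=True).encode()
            if entry["prev"] != prev or hashlib.sha256(body).hexdigest() != entry["hash"]:
                return False
            prev = entry["hash"]
        return True


def authorize(p: Principal, resource: str, action: str, site: str, log: AuditLog) -> bool:
    """Allow only if the role permits the action on this resource AND the user is
    assigned to the site. Every decision, allow or deny, is logged before it is returned."""
    role_ok = (resource, action) in ROLE_PERMISSIONS.get(p.role, set())
    site_ok = site in p.sites
    allowed = role_ok and site_ok
    log.append({
        "ts": datetime.now(timezone.utc).isoformat(),
        "user": p.user_id, "role": p.role,
        "resource": resource, "action": action, "site": site,
        "decision": "allow" if allowed else "deny",
    })
    return allowed


if __name__ == "__main__":
    log = AuditLog()
    coordinator = Principal("u-0001", "front_desk_coordinator", frozenset({"site-tallinn"}))
    print(authorize(coordinator, "ClinicalNote", "read", "site-tallinn", log))  # False
    print(log.verify())  # True
```

Denied attempts are logged as deliberately as allowed ones: a coordinator repeatedly hitting `ClinicalNote` is exactly the signal an audit reviewer wants, and the chained hashes mean that log cannot be quietly edited afterwards without `verify()` failing.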