Documentation

CRIE — the Clinical Risk Intelligence Engine — turns medical notes into structured, auditable risk signals. This documentation explains how it works, how it stays secure, and where it is going.

Quick links

• System architecture — request lifecycle, services, datastores.
• Security model — encryption, RLS, PASETO, audit log.
• Modules — genomics, imaging, CDS, predictive risk, population health, adverse events.
• Compliance posture — HIPAA, GDPR, ISO 27001 alignment.
• Roadmap — what is shipping next.
• API reference — REST endpoints and contracts.

Design principles

• PHI-safe by default. Free-text PHI is encrypted at rest, scrubbed before logging, and isolated by Row Level Security.
• Auditable. Every read and write of clinical data is recorded in an append-only, hash-chained audit log.
• Deterministic. AI outputs are JSON-validated against a strict contract. Free-form prose is never trusted as a decision.
• Open. Local Ollama models are first-class; cloud providers are opt-in.