Insights
Field notes from production healthcare AI.
Long-form pieces on the work itself: HIPAA-grade workflow design, replacing rules engines with reasoning, EHR integration through Marketplace, evaluation frameworks for clinical outputs, agent governance, and the economics of fractional AI/CTO.
- Compliance · Apr 22, 2026 · 4 min read
HIPAA-compliant AI automation: what auditors actually look for
Most teams designing healthcare AI start with the model. The right starting point is the audit. Here's what actually shows up on a HIPAA control review for an LLM-powered workflow — and the design choices that make it pass cleanly.
- Architecture · Apr 8, 2026 · 4 min read
Replacing a clinical rules engine with LLM reasoning
Rules engines are brittle, slow to extend, and expensive to test. LLMs are flexible, fast to extend, and impossible to test the same way. Here's the architecture pattern that lets you trade the first set of problems for the second — without losing your safety story.
- Integration · Mar 25, 2026 · 4 min read
EHR + Claude: an Athena Marketplace field guide
Athenahealth's Marketplace approval process is a serious gate, especially when Claude or another LLM is in the data path. Here's the workflow that gets you through it without burning weeks on rejected submissions.
- Architecture · Mar 12, 2026 · 4 min read
Agent orchestration for clinical decision support
An 'agent' is a fashionable word for something that's been working in production code for decades: a controlled loop that calls tools, reasons about state, and decides what to do next. Here's how to apply that pattern to clinical decision support without the failure modes that have killed lesser CDS systems.
- Evaluation · Feb 26, 2026 · 4 min read
Evaluation frameworks for clinical AI outputs
An evaluation harness for clinical AI is not a test suite. It's a living artifact — golden cases, judges, drift monitoring, calibration — that lets you ship faster without giving up the safety story. Here's how to build one that survives a clinical review.
- Compliance · Feb 12, 2026 · 1 min read
SOC 2 + AI: governance for clinical agent systems
SOC 2's controls were written before LLMs existed, but they map cleanly onto agent architectures if you know how to translate. Here's the mapping — and the documents you should have on file before the auditor walks in.
- Tools · Jan 29, 2026 · 1 min read
MCP servers for healthcare ops: the safe set
Model Context Protocol turns Claude (and other model clients) into something that can read your systems and act on them. In healthcare, that capability is double-edged. Here's the conservative starter set of MCP servers that gives you 80% of the leverage with bounded risk.
- Strategy · Jan 15, 2026 · 1 min read
Why digital health AI pilots stall — and how to ship them
The same five reasons kill clinical AI pilots over and over: undefined success criteria, unbounded scope, missing evaluation harness, no governance owner, and a clinician audience that wasn't in the room. Here's a checklist that catches these before the pilot starts.
- Strategy · Jan 2, 2026 · 1 min read
From rules to reasoning: a CTO's pivot playbook
Pivoting a clinical product from a rules-based core to an LLM- and agent-based core is a six-month organizational change, not a six-week refactor. Here's the playbook for sequencing the work without breaking the business.
- Strategy · Dec 12, 2025 · 1 min read
The economics of fractional AI/CTO in regulated industries
A fractional AI/CTO retainer at $5K–$15K/month sounds expensive until you compare it to the alternative: a full-time hire that takes 4 months to find, costs $400K all-in, and may not have the specific AI + compliance combination you need. Here's the math, plainly.