sttil/Signal
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Signal/CLAUDE.md

71 lines
3.3 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# STTIL Solutions — Signal CGM | Level 1 Active Context
## What This Tool Does
Signal CGM is a B2B CGM coverage worklist tool for DMEPOS suppliers.
It ingests shipment data (CSV from Brightree/WellSky), calculates
coverage expiration per patient using device wear-day rules, and
produces a prioritized worklist so small DME teams can do proactive
outreach BEFORE claims deny.
## Core Value Proposition
Shifts supplier staff time from reactive (appeals after denial)
to proactive (preventing denial conditions).
The workload curve: appeals volume drops over time as proactive
coverage management replaces it. Outreach volume starts manageable
and stays predictable.
## PHI Architecture — Non-Negotiable
- STTIL never stores patient names, SSNs, DOBs, or contact info
- Sole crosswalk key: patient_id (DME's internal MRN or account #)
- DME staff maintain the patient_id ↔ real identity mapping locally
- AI/calculation layer sees: patient_id, device_type, shipment_date,
quantity, payer — NOTHING else
- All logs use hashed patient_id, never raw
## Level 1 Stack (Active)
- Hosting: Hostinger VPS (self-hosted, data never leaves VPS)
- Language: Python (FastAPI or Flask)
- Database: PostgreSQL (encrypted at rest, audit logs)
- Orchestration: n8n self-hosted (24-hr batch trigger)
- Notifications: Self-hosted Mailcow — encrypted email to DME staff only
- Frontend: Simple dashboard (Vercel or self-hosted)
- Auth: Session tokens in PostgreSQL (no Convex needed for MVP)
## Active Files
- python-backend/core/coverage_calculator.py
- python-backend/core/audit_logger.py
- python-backend/core/db_models.py
- python-backend/config/payer_rules.json
- Projects/DMEPOS/dmepos-research-v3.md (market context)
- Projects/DMEPOS/compliance-roadmap-v1.md
- Projects/Newsletter/newsletter-strategy-v1.md
## Current BAA Obligations (Level 1 Only)
- Hostinger VPS: Request BAA (PHI host)
- Anthropic API: Request BAA if AI layer touches PHI
- Everything else: self-hosted = you are the operator
## Workload Impact Model (Build This)
Two-curve graph showing supplier staff time over months:
- Curve A: Appeals/denials workload (reactive) — starts HIGH, trends DOWN
- Curve B: Proactive outreach via Signal CGM — starts MANAGEABLE, stays FLAT
- X-axis: Months 112 post-onboarding
- Crossover point = ROI moment to show on discovery calls
## What Is Tabled (Do Not Build Yet)
| Item | Phase | Reason deferred |
|------|-------|----------------|
| Dexcom OAuth API integration | Phase 2 | Requires vendor agreement + PHI scope expansion |
| Prescriber fax automation | Phase 2 | Workflow complexity; Level 1 manual outreach sufficient |
| Patient-facing SMS (Twilio, not SignalWire) | Phase 3 | PHI transmission to third-party; requires BAA + consent layer |
| Consortium strategy (Level 2/3) | 1824 months | Depends on 15+ paying Level 1 suppliers first |
| Convex | Phase 2+ | Not needed until real-time sync requirements emerge |
## Instructions for Claude Code Sessions
- Work only on Level 1 scope
- Never suggest adding PHI fields beyond patient_id
- Flag any vendor integration that would require a new BAA
- When building calculations, reference payer_rules.json for wear days
- When building audit logs, always hash patient_id before storing
- If asked about Phase 2/3, acknowledge and defer — do not spec or build
Reference in a new issue View git blame Copy permalink