System Architecture

A modular, redundant platform built for pharmacy operations. 50+ API modules, 37 pharmacy-specific endpoints, 3-node on-premises processing, automatic failover.

Patient Touchpoints
Phone Calls
SMS / Text
Web Portal
Walk-in
|
AI Processing Layer (On-Premises)
Voice Pipeline
Whisper STT + TTS
Intent Engine
Classify + Route
Tier Classifier
T0/T1/T2/T3
Local LLM
Llama 70B
|
Core Services
Patient Service
CRUD + Verify
RX Service
Workflow Engine
PA Service
Prior Auth Flow
Inventory
Stock + Reorder
|
Integrations
PMS Connector
Pioneer Rx / Liberty
Twilio
Voice + SMS
Claude API
Complex Reasoning
PDMP
Controlled Substance
|
Data Layer
Encrypted Storage
AES-256 + JSON
HIPAA Audit Log
Append-Only, 6yr
Call Recordings
Encrypted Archive

8 Core Modules

1. Voice Pipeline

Twilio + Whisper STT + TTS
  • Natural language call handling
  • Multi-turn conversation
  • DTMF fallback
  • Encrypted recordings
  • "Transfer to pharmacist" always available

2. Intent Engine

NLU classification + routing
  • Refill detection
  • Status inquiries
  • Transfer handling
  • Insurance routing
  • Emergency triggers

3. Patient Verification

Identity confirmation
  • Name + DOB matching
  • Phone number verification
  • Address confirmation
  • Cannot confirm meds to unverified callers

4. PMS Integration

Pharmacy management system connector
  • Pioneer Rx adapter
  • Liberty Software adapter
  • Computer-Rx, QS/1, McKesson
  • HL7 / NCPDP protocols

5. Tier Classification

Automation routing engine
  • 10 default classification rules
  • Controlled substance detection
  • DUR alert severity routing
  • Configurable rule priorities

6. Staff Dashboard

Real-time operations interface
  • Live call queue
  • Approval workflow (T1-T3)
  • Transcript viewer
  • One-click actions
  • Analytics + metrics

7. Notifications

Patient communication system
  • SMS ready alerts
  • Refill reminders (3 days before)
  • Pickup reminders (7 days)
  • Quiet hours enforcement
  • Caregiver copy option

8. Audit Module

HIPAA compliance engine
  • All PHI access logged
  • 6-year append-only retention
  • Anomaly detection
  • On-demand compliance reports
  • Actor + IP + timestamp tracking

Tier Authorization Matrix

ActionT0 AutoT1 TechT2 RPhT3 Mgr
Status inquiryAUTO
Refill request (eligible)AUTO
Store hours / locationAUTO
Transfer requestTECH
Insurance questionTECH
PA form submissionTECH
New Rx verificationRPh
Controlled substanceRPh
Drug interaction overrideRPh
Clinical consultationRPh
Price adjustmentMGR
Refund processingMGR
Patient complaintMGR

AI / LLM Stack

Hybrid approach: local LLM handles 90% of requests. Cloud AI handles complex reasoning with anonymized context.

On-Premises (Primary)

Llama 3.1 70B on Mac Mini M4 Pro
  • Intent classification
  • Routine patient queries
  • Data extraction
  • Response validation
  • No PHI leaves premises
  • No per-token cost
  • ~15 tokens/sec inference

Cloud (Fallback)

Claude API with BAA
  • Complex reasoning
  • Nuanced patient questions
  • Sentiment analysis
  • Document generation
  • Anonymized context only
  • GPT-4 as secondary fallback
  • 99.9% SLA

3-Node Redundancy

ScenarioWhat HappensDowntime
Primary server crashHot standby takes over automatically<30 seconds
Both active nodes failCold standby activated manually<5 minutes
Internet outage at pharmacyPhone system continues (Twilio hosted externally)0 seconds
All LLM providers downLocal Llama handles calls with simpler responses, escalates more to staff0 seconds
Power outageUPS keeps Mac Minis running for 15-30 min. Twilio continues externally.0 seconds (calls)

Total redundancy cost: ~$85/month (standby VPS + monitoring + backups). The previous vendor's system went down because they had a single point of failure. We have zero.

Modular Architecture

50+ isolated modules. Each one runs independently. Update one without touching the rest. No full reimaging. No full rollbacks. No downtime.

Voice Pipeline
Intent Engine
Patients
Prescriptions
Prior Auth
Inventory
Clinical Svc
Notifications
Tier Engine
Automations
Audit Trail
Analytics
PMS Bridge
PDMP Check
Insurance
Drug DB
Auth / MFA
Security
Scheduler
Events Bus

Each box is an independent module. Pull one out, the rest keep running.

Why Modularity Matters for Reliability

Hot-Swap Updates

Update one module at a time across the 3-node cluster
  • Update the Inventory module on Node B while Node A handles traffic
  • Verify it works on Node B, then roll it to Node A
  • Node C stays untouched as the known-good fallback
  • If the update breaks something: roll back that one module, not the whole system

Fault Isolation

One module failing never takes down the system
  • If the PA module has a bug, prescriptions still process
  • If the voice pipeline has an issue, the dashboard still works
  • If inventory throws an error, patient records are untouched
  • Each module has its own error handling and recovery

No Full Reimaging

Traditional systems require full OS restores on failure
  • Old way: system goes down, reimage the whole server, restore from backup, pray
  • Our way: identify the broken module, swap it with the known-good version from another node
  • Minutes to fix, not hours
  • Data layer is separate from logic layer -- your patient data is never at risk

Modular + 3-Node = Rolling Updates

StepNode A (Primary)Node B (Hot Standby)Node C (DR)
1. Prep updateServing trafficReceives updateUnchanged
2. Test on BServing trafficTesting updated moduleUnchanged
3. Promote BStandby (old version)Now serving trafficUnchanged
4. Update AReceives same updateServing trafficUnchanged
5. Both currentBack to primaryHot standby (current)Snapshot updated

Total downtime during the entire update process: zero seconds. Traffic never stops. If the update fails on Node B, Node A is still running the proven version. Node C is always available as the last-known-good backup.

The Previous Vendor's Mistake

Monolithic systems go down because everything is coupled. One bad update, one crashed service, one corrupted config -- and the whole thing stops. With modular architecture, you're swapping a single Lego brick while the rest of the structure stands. With 3 nodes, you always have a working copy to fall back to. This is how enterprise systems are built. This is why your phones will never go down.

Implementation Roadmap

Phase 1: Weeks 1-4

Phone Automation
  • AI phone system live
  • SMS ready notifications
  • Basic staff dashboard
  • 50% call reduction

Phase 2: Weeks 5-8

Command Center
  • Full staff dashboard
  • Refill automation
  • Transfer workflow
  • Analytics live

Phase 3: Weeks 9-12

Deep Integration
  • PMS write access
  • PA automation
  • Inventory intelligence
  • 72% call automation

Phase 4: Months 4-6

Revenue Services
  • Clinical services scheduler
  • MTM program launch
  • Med sync enrollment
  • $5K+/mo new revenue