DRIS v1.0 — Drug Report Intelligence System

Context

Clinical practitioners working across multiple jurisdictions face an unforgiving information environment. Drug-interaction databases, adverse-event registries, prescription verification systems, and clinical decision-support tools are each maintained by separate authorities, in separate languages, with separate update cadences. A practitioner in Karachi treating a multilingual patient cohort cannot realistically consult all the relevant authorities in real time without a unified retrieval surface. Phoenix Minds set out to build that surface — and to do it in a way that would survive a clinical governance review at HIPAA and GDPR scale.

Challenge

Healthcare AI under regulatory constraint is not a marketing claim. The audit log has to know everything every agent did, in a form that survives subpoena. The per-tenant isolation has to be cryptographically demonstrable, not merely documented. The clinical assertion gate has to be schema-grade, not prompt-grade — the model is not permitted to produce a clinical assertion the schema does not authorise. And the language coverage has to be authentic across all fifty-eight target languages, including the full RTL family, because the patient population is genuinely multilingual.

Approach

The agentic core runs on Anthropic Claude with tool calls into the OpenFDA live API. A per-tenant vector store on pgvector handles clinical-literature retrieval. A structured-output validation layer gates every clinical assertion against a Pydantic schema — the model emits structured output, the validator checks every field against permitted ranges, and only assertions that pass validation reach the practitioner. An audit-log layer writes a SHA-256 signed record of every agent decision, including the prompt, the tool calls, the retrieved context, the routing path, and the validated output. Multilingual coverage runs through a fine-tuned translation routing layer with full RTL support for Arabic and Urdu.

Front-end delivery is on a Liquid Glass UI built in Next.js 15 with React 19 and Framer Motion for the kinetic surface. The UI is calibrated to read as a clinical-grade product surface — heavy on typography, sparse on chrome, no decorative animation. The deployment surface supports zero-downtime patching of the underlying reasoning model behind a feature-flagged router; the clinical workflow does not depend on a specific model version.

Delivery Ownership

This engagement followed the Phoenix Group principal-led model. I owned the strategy, the architecture, the agent design, the schema layer, the audit-log architecture, and the multilingual routing layer end to end. The HIPAA and GDPR posture is documented in an evidence pack covering data-residency, access-control, audit-log retention, encryption at rest and in transit, and per-tenant isolation. The evidence pack survives a clinical governance review on its own.

Outcomes

Technology Stack

Anthropic Claude API as the primary reasoning model, Next.js 15, React 19, TypeScript, FastAPI, Python 3.12, LangGraph for the agentic orchestration, Framer Motion for the Liquid Glass UI, AES-256 at rest, TLS 1.3 in transit, SHA-256 audit logging, Supabase for the per-tenant data plane, Prisma ORM for the schema layer, pgvector for the clinical-literature vector store, OpenFDA live API.

Services Delivered

Healthcare & Regulated AI / Agentic AI Architecture & Build / RAG & Knowledge Fabric / LLMOps & Production AI Platform.

Why it matters

DRIS is the working argument that healthcare AI under regulatory constraint is buildable, deployable, and maintainable today. The HIPAA and GDPR posture is documented in the evidence pack. The OpenFDA integration is live, not mocked. The audit log survives a clinical governance review. For the engineering detail behind the audit-log architecture, see the companion Insight: HIPAA-aligned agentic AI: what the audit log has to know.