Executive Summary
Build what you control first. BAAs run in parallel. Phase A is a product, not a prototype.
30
Interfaces ship in Phase A
of 42 total
of 42 total
12
Deferred to Phase B
patient-facing workflows
patient-facing workflows
8/10
Cross-workstream events
flow without PHI
flow without PHI
~8 wk
Faster to working software
Week 10 vs. Week 18
Week 10 vs. Week 18
The PHI-Free-First approach restructures SGA's platform build around a single principle: no individual patient data enters the system until HIPAA compliance infrastructure is verified. Of the platform's 42 interfaces, 30 are fully functional without patient health information — covering practice culture management, brand content pipeline, executive dashboards, enrollment, and storefront generation. Development starts immediately on these interfaces while BAA procurement runs as a parallel background process. Phase A delivers a complete operational product to 260+ practices by Week 14. Phase B adds patient-facing features (Nerve Center, Concierge, Automation, Voice AI, funnel analytics) after the compliance gate passes. Nothing built in Phase A is removed — Phase B is purely additive. The architecture is designed for addition, not subtraction.
PHI Dependency Map
What ships in Phase A vs. what waits for Phase B, by workstream.
WS1: Practice Platform
14/25
Phase A (14 interfaces)
Enrollment Pipeline & Invitation System
Storefront Manager & Generation
Executive Dashboard (5 KPIs)
Portfolio Heatmap (5 layers)
Intervention Queue (culture-risk)
Practice Deep Dive (4 tabs)
HQ Standup Board
Practice Daily Agenda (modified)
Playbook Viewer & Manager
Compliance Readiness Dashboard
Practice Website (basic)
Phase B (11 interfaces)
Nerve Center (patient cards)
Concierge Agent (chat/SMS)
Patient Outreach Queue
Automation Engine
Call Dashboard
Voice AI
Funnel Data Lake
Funnel Analytics Explorer
SMS Conversations
Email Communications
Digital Forms
HQ-facing tools (enrollment, dashboards, heatmap) ship fully. Practice-level patient workflows are deferred.
WS2: Content Engine
8/9
Phase A (8 interfaces)
Capture Bot (brand briefs, PWA + SMS)
Capture App (team/office photos)
Editorial Queue
Studio Request Portal
Brand Review (58-sec approve)
Asset Registry
Dashboard (1 panel deferred)
Distribution Monitor (IG, FB, GMB)
Phase B (1 interface)
Event Mode Console (CE-9)
+ Before/after photo mode
+ Procedure-driven missions
+ Attribution analytics panel
+ Procedure-driven missions
+ Attribution analytics panel
Strongest Phase A story: 8 of 9 interfaces ship. The content pipeline is content-type-agnostic by design.
WS3: Culture OS
8/8
Phase A (8 interfaces)
Morning Huddle Display (TV + PWA)
Champion Hub & Scorecard
CCA Academy (Bronze-Gold)
Recognition & Rewards Feed
H-Score Dashboard
Trust Transfer Tracker (aggregate)
Playbook Library
Culture Admin Console
Phase B (0 interfaces)
Only addition: individual call drill-down in Trust Transfer Tracker + funnel-metric impact stories in Morning Huddle.
Cleanest workstream: ALL 8 interfaces ship. Culture OS was designed around aggregate vendor scores, not patient data.
User Journeys
End-to-end flows showing what users experience in Phase A.
Practice Enrollment to Executive Visibility
Angela Rivera — HQ Operations Specialist
New Practice Enrollment Pipeline
Angela opens Network Intelligence on her desktop and navigates to the Enrollment Pipeline. She sees all practices in onboarding organized as a horizontal Kanban board with four stages: Harvesting, Integrating, Testing, and Live. She drags "Dental Arts Decatur" from Harvesting to Integrating after confirming profile data is complete.
On screen: Kanban pipeline with practice cards showing data completeness scores, integration status indicators, and days-in-stage counters. Batch action toolbar for cohort invitations.
PHI-free: Enrollment uses practice profile data (name, address, staff roster, practice type) — zero patient information.
Phase B addition: Pipeline gains PMS connectivity status column. Practices show NexHealth webhook health once PMS Integration activates.
Automated — Storefront Generation Engine
Storefront Generation & Deployment
Once a practice reaches the Integrating stage, the Storefront Generation engine creates a template-based website using the practice's profile data and Gen4 brand assets. Angela previews the generated site, confirms accuracy, and deploys it to a CDN-backed custom domain. The site includes provider bios, office photos, and a booking link to the NexHealth-hosted scheduling page.
On screen: Site preview with desktop/mobile toggle, practice branding applied, auto-generated provider bio cards, embedded Google Map, and "Book Now" button linking to NexHealth hosted page.
PHI-free: Websites use practice data and brand assets. No patient reviews, testimonials, or before/after galleries in Phase A.
Phase B addition: Patient review widget (from Swell), before/after photo gallery (with consent), and live appointment availability from PMS.
Dr. Sarah Chen — CEO / Executive
Executive Dashboard (Aggregate KPIs)
Dr. Chen opens the Executive Dashboard and sees five KPI cards at the top: Active Practices (247), Network H-Score (72, trending up), Average Brand Health (68), Enrollment Pipeline (13 in progress), and Content Captures MTD (342). Below, an AI Alerts panel flags two practices with declining H-Scores and one with a brand health violation. She clicks a practice to investigate.
On screen: 5-card KPI bar with sparkline trends, AI Alerts panel with severity indicators, Portfolio Heatmap with color-coded practices, and drill-down navigation to Practice Deep Dive.
PHI-free: All KPIs derive from aggregate vendor scores (Cinnamon, Swell, Dental Intel), platform-native data (enrollment, captures), and brand health crawls. No patient data.
Phase B addition: KPI bar expands to 8 cards: adds Total Production, New Patients, Show Rate. AI alerts incorporate revenue-impact signals.
Dr. Sarah Chen — CEO / Executive
Practice Deep Dive (4 Tabs in Phase A)
Dr. Chen drills into "Smile Center Buckhead." The Practice Deep Dive opens with four tabs: Profile, Culture, Content & Brand, and History. The Culture tab shows the H-Score breakdown (Cinnamon 58, Swell 71, Dental Intel 74), huddle completion calendar, CCA certification roster, and champion scorecard. The Content & Brand tab shows brand health score, asset gallery, and social engagement metrics.
On screen: 4-tab interface — Profile (practice data, staff roster), Culture (H-Score, huddle, CCA), Content & Brand (brand health, social, assets), History (enrollment timeline, key events).
PHI-free: All four Phase A tabs use aggregate/staff/brand data. No patient-level information anywhere.
Phase B addition: Two new tabs inject at positions 1 and 2 — Performance (5-stage funnel, conversion rates, revenue) and Communications (message volumes, response rates). Existing tabs shift right.
Marcus Williams — VP Operations
Intervention Queue (Culture-Risk Ranked)
Marcus opens the Intervention Queue to see practices ranked by Culture Risk Score — an AI-generated composite of H-Score drops, brand health degradation, champion inactivity, and CCA certification gaps. He identifies a practice with a 14-point H-Score drop, clicks to view the root cause analysis (low phone scores, missed huddles), and assigns an intervention to the regional team.
On screen: AI-ranked list with risk scores, root cause breakdown, assign/dismiss/view actions, and practice context sidebar.
PHI-free: Ranking uses culture and brand signals exclusively. Not revenue-based — culture-risk-based.
Phase B addition: Ranking algorithm incorporates revenue impact. Practices with both culture decline and revenue decline surface higher.
Lisa Torres — Office Manager
Office Manager PWA (Limited Phase A View)
Lisa opens the Practice Operations PWA on her phone. Her bottom nav shows Today, Capture, Huddle, and Hub (if designated as champion). The Today screen displays a Practice Briefing with the H-Score trend, content capture brief, and practice action cards for storefront health, playbook updates, and culture focus. Patient appointments, phone queues, and outreach tasks are not present — those arrive in Phase B.
On screen: Practice Briefing card, H-Score widget, content capture prompt, 3-4 practice-focused action cards (storefront health, content, playbook, culture).
PHI-free: All action cards are practice-operational. No patient data, appointment schedules, or phone queues.
Phase B addition: Nerve Center activates with patient action cards (callbacks, confirmations, outreach). Nav expands. Today screen shows patient agenda alongside practice briefing.
Brand Content to Multi-Channel Distribution
Maria Santos — Champion / Hygienist
Content Mission via Champion Hub
Maria opens the PWA at 7:30 AM and taps Hub. Her Champion Hub shows a unified scorecard (Culture 92, Content 88), streak indicators, and this week's missions. A content mission reads: "Team photo day — capture the team before morning huddle." The mission was delivered via PWA push notification at 7:00 AM, generated by the Content Engine's nightly mission scheduler based on the brand content calendar.
On screen: Champion scorecard with culture + content scores, weekly missions list (content + culture), cohort leaderboard position, streak indicators, and "Open Camera" action button.
PHI-free: Missions are brand/culture-driven ("team photo," "office tour," "provider portrait") — never procedure-driven ("capture implant before/after").
Phase B addition: Procedure-driven missions from PMS appointment data. SMS/WhatsApp delivery via Communications Service supplements PWA push.
Maria Santos — Champion / Hygienist
Content Capture (Brand Content)
Maria taps "Open Camera." The full-screen camera overlay shows a composition guide for group photos. She selects "Team Photography" from the content type selector (other options: Office Environment, Provider Portrait, Video). She captures the photo, reviews the preview with practice and content metadata, and taps "Upload." The photo saves to IndexedDB for offline safety and uploads to S3 when connected.
On screen: Camera viewfinder with composition guide overlay, content type selector (4 brand options), practice tag, capture button, preview with retake/upload actions.
PHI-free: Before/after photo pairing mode hidden via feature flag. Procedure-type tags absent. Only brand content types available.
Phase B addition: "Before/After" content type appears with clinical alignment guides, patient consent capture step, and procedure-type tagging from PMS.
Automated — Content Engine AI Pipeline
AI Processing (~45 seconds)
Within 45 seconds, the Content Engine processes Maria's photo autonomously: color correction and exposure normalization, smart cropping into three platform variants (1:1 for Instagram, 16:9 for Facebook, 4:3 for Google Business), Gen4 brand watermark overlay, and AI-generated captions for each platform via Claude Haiku. The asset moves to "Ready for Review."
On screen: Background process — asset appears in Editorial Queue with "AI Processing Complete" badge showing all variants and generated captions.
PHI-free: AI pipeline is content-type-agnostic. Captions reference team and practice, never individual patients.
Phase B addition: Procedure-aware captions and patient-consent metadata for clinical content.
HQ Content Team — Editorial Reviewers
Editorial Queue Review & Approval
At 11:00 AM, an HQ reviewer opens the Editorial Queue and sees 12 assets ready for review. Each shows a thumbnail, AI-generated captions per platform, brand compliance status, and content metadata. The reviewer edits the Instagram caption to add team member names, confirms Facebook and GMB captions, and clicks "Approve." The asset moves to distribution-ready status.
On screen: Kanban queue (Ready / In Review / Approved / Rejected), asset detail with full-size preview, editable captions per platform, brand compliance auto-check.
PHI-free: Editorial workflow is content-type-agnostic. This interface is completely unchanged from the original design.
Creative Director — Brand Approval
58-Second Tap-Approve Flow
The Creative Director receives a Microsoft Teams notification: "3 assets ready for brand review." They open the review queue showing full-size previews with Gen4 brand compliance badges. Two assets pass auto-check; one shows a font weight warning. The Creative Director approves all three with a single "Approve All" tap in under 58 seconds.
On screen: Card grid with full-size previews, brand universe badge, auto-compliance results, individual approve/reject buttons, batch "Approve All" action.
PHI-free: Brand review examines visual compliance (logo, colors, fonts, quality), not content subject matter. Completely unchanged.
HQ Content Team — Distribution
Multi-Channel Distribution (IG, FB, GMB)
After approval, the content team opens the Distribution Monitor to schedule publication. They select channels (Instagram, Facebook, Google Business), choose "Publish Now" or schedule for optimal time. The Distribution Engine authenticates with platform APIs, selects the correct image variant per channel, and posts with approved captions. Engagement tracking begins immediately.
On screen: Distribution queue with channel toggles, schedule picker, per-platform caption previews, recently published list with engagement stats, 7-day calendar view.
PHI-free: Distribution publishes to social channels regardless of content type. Completely unchanged.
VP Marketing — Content Analytics
Content Engine Dashboard
The VP Marketing reviews the Content Engine Dashboard. Five KPIs: captures (287), processed (234), approved (198), published (156), and average brand health (78). Below: pipeline flow visualization, champion leaderboard (Maria Santos #1 in Southeast), engagement analytics (45.2K total reach, 4.8% engagement rate), and brand health heatmap by practice. One panel — Attribution Analysis — shows a purposeful empty state.
On screen: 5 KPI cards, pipeline funnel, champion leaderboard, engagement charts, brand health grid. Attribution Analysis panel: "Content attribution analysis requires PMS integration. Available in Phase B."
PHI-free: Pipeline metrics, engagement, champion data, and brand health all work without patient data. One panel shows intentional empty state.
Phase B addition: Attribution panel populates with content-to-booking correlation, estimated booking value, and content ROI calculations.
VP Marketing — Content Analytics
Engagement Analytics & Reporting
Drilling deeper, the VP Marketing sees that Instagram drives 62% of total reach, team photos generate the highest engagement rates, and the Southeast region leads in content quality scores. They export a monthly brand content report for the executive team.
On screen: Platform breakdown charts, content-type engagement comparison, regional performance heatmap, exportable monthly report.
PHI-free: All engagement data from social platform APIs. Zero patient data involved.
Hospitality Culture Through Daily Rituals
All Practice Staff — Break Room, 7:50 AM
Morning Huddle (TV Display + PWA)
The break room TV auto-cycles through four panels every 30 seconds. Panel 1: H-Score (64, down 14) with sub-scores (Phone 58, Reviews 71, DI 74), today's focus behavior (Warm Handoffs), and recognition for Maria's 12-week huddle streak. Panel 2: Yesterday's practice wins (huddle completion, content captures, new reviews). Panel 3: Playbook spotlight with the warm handoff script. Panel 4: Content capture reminder from the Content Engine. Staff can also view huddle content on the PWA Huddle tab and tap "Mark Huddle Complete."
On screen: Full-screen TV display with 4 auto-advancing panels: H-Score + focus + recognition, yesterday's wins + CCA progress, playbook spotlight, content mission. PWA mirrors content in vertical scroll with "Mark Huddle Complete" button.
PHI-free: H-Score uses aggregate vendor scores (Cinnamon 35% / Swell 45% / Dental Intel 20%). Impact stories reference review counts and H-Score trends, never patient identifiers.
Phase B addition: Impact stories gain funnel metrics ("Show rate improved 5% since confirmation texts started").
Maria Santos — Champion / Hygienist
Champion Hub Daily Use (Scorecard + Leaderboard)
After the huddle, Maria checks her Champion Scorecard. She sees her overall rank (#1, Southeast Region, 186 points), culture score (92: huddles led 4/5, behavior modeling 4.2, recognition 3 given), and content score (88: captures 6, streak 8 weeks, quality 4.0). Points break down across six categories: huddles led (48), captures submitted (36), assets published (24), behaviors modeled (21), recognition given (9), streaks maintained (48). She taps "View Leaderboard" to check her cohort standings.
On screen: Unified scorecard with culture + content sections, 6-category points breakdown, regional leaderboard with progress bars, streak badges.
PHI-free: Culture scores from WS3 natively; content scores arrive via Kafka from WS2. Workstream boundaries are invisible to the user.
Jamie Lee — Front Desk Staff
CCA Academy (Bronze Modules + Credly Badges)
Jamie opens the CCA Academy on her phone. She's working through Bronze Module 3: "The Trust Transfer." The module includes a 4-minute Mux-hosted video, a scenario-based assessment ("A patient arrives anxious — what do you say?"), and a practice exercise for her next shift. Upon completing all 10 Bronze modules and passing assessments, she receives a Credly digital badge and a generated certificate.
On screen: Module list with progress indicators, video player, scenario assessment with multiple-choice, practice exercise checklist, certification progress bar (7/10 complete).
PHI-free: Training content, assessments, and certifications are entirely staff-focused. Employee development data is not PHI under HIPAA.
All Practice Staff — Throughout the Day
Recognition & Rewards
During the day, Maria gives a recognition to Jamie: "Great job with the nervous patient in room 3 — your warm handoff was perfect." Jamie receives a PWA notification and sees the recognition in the Recognition Feed, displayed on a Gen4-branded celebration card. The feed shows peer celebrations from the practice, with weekly and monthly leaderboards tracking recognition given and received.
On screen: Recognition feed with branded celebration cards, give-recognition form, leaderboard (givers and receivers), streak indicators.
PHI-free: Recognition references staff behavior and skills, not patient identity. Completely unchanged in Phase B.
Lisa Torres — Office Manager
H-Score Dashboard (3-Vendor Composite)
Lisa checks the H-Score Dashboard. The composite score (64) breaks into: Cinnamon phone quality (58, weighted 35%), Swell review performance (71, weighted 45%), and Dental Intel operational compliance (74, weighted 20%). A 12-behavior breakdown shows strengths (greeting warmth: 82) and weaknesses (treatment presentation: 48). A 90-day trend chart shows recovery, and a network comparison positions the practice against regional and network averages.
On screen: Composite H-Score with 3-vendor breakdown, 12-behavior radar chart, 90-day trend line, network comparison (practice vs. regional vs. network average).
PHI-free: All data from aggregate vendor APIs. No individual patient data — scores report at practice and staff level.
Lisa Torres — Office Manager
Trust Transfer Tracker (Aggregate Scores)
Lisa views the Trust Transfer Tracker showing aggregate scores per staff member — a 30-day rolling score based on Swell review NLP analysis and huddle commitment tracking. She sees Dr. Kim's score improved 8 points this week. When she tries to drill into an individual call recording, the detail view shows: "Individual call recordings require Cinnamon call recording access. Available in Phase B."
On screen: Staff roster with trust transfer scores, 30-day trend sparklines, improvement indicators. Individual call drill-down shows Phase B empty state.
PHI-free: Aggregate scores from Swell NLP and huddle data. No individual patient or call data displayed.
Phase B addition: "Listen to Call" action activates. Individual call transcripts, playback, and coaching recommendations become available.
HQ Culture Team — Administrators
Culture Admin Console
The HQ Culture Team manages the entire culture program from the Admin Console: CCA Academy curriculum (add modules, set assessment criteria), playbook deployment to practice groups (by region, type, or tier), huddle content rotation configuration, champion network management (designate, promote, reassign champions), and reward budget controls per region. They deploy Playbook v2.4 with updated warm handoff scripts to all Southeast practices.
On screen: Multi-section admin: CCA management, playbook deployment with filtering, huddle configuration, champion network, reward budgets.
PHI-free: Culture administration is entirely staff and program-focused. This interface requires zero changes in Phase B.
Comprehensive Phase Plan
7 sub-phases from pre-build through network rollout.
Phase A: PHI-Free Foundation
A0: Pre-Build
Weeks 1-2
- AWS environment provisioning (HIPAA-eligible from Day 1)
- Team staffing & onboarding (15-20 engineers)
- Data model design with PHI hooks (empty tables, RLS configured)
- Feature flag framework deployed (LaunchDarkly)
- BAA procurement initiated (parallel background track)
A1: Shared Infrastructure
Weeks 3-6
- Practice Data Hub — 260 practices seeded, CRUD API live
- Auth & Identity — Cognito, JWT middleware, 8-role RBAC
- Event Bus — MSK + Schema Registry, 10 event schemas
- Asset Registry — S3 + CloudFront CDN + metadata catalog
- Workflow Engine — Temporal for enrollment & H-Score workflows
- Design Tool Abstraction — Canva adapter for storefronts
A2: WS3 + WS2 Core
Weeks 5-10
- Full Culture OS: H-Score, Huddle, CCA Academy, Trust Transfer, Champions, Recognition, Playbooks, Admin Console
- Content Engine core: Capture Bot, Studio Agent, AI pipeline, Editorial Queue, Distribution (IG + FB), Asset integration
- WS3 starts Week 5 (needs only PDH + Auth + Kafka)
A3: WS1 Foundation
Weeks 8-14
- Data Harvesting & Enrollment Invitation System
- Storefront Generation (2 templates, CDN deployment)
- Executive Dashboard (5 KPIs + AI Alerts)
- Portfolio Heatmap, Intervention Queue, HQ Standup Board
- Practice Deep Dive (4 tabs), Compliance Readiness Dashboard
Phase B: PHI Layer
B0: PHI Infrastructure
Weeks 12-15
- BAA execution verification (all 6 vendors)
- Compliance Middleware (PHI detection, encryption, audit log)
- PHI Filter for AI Service (tokenize/detokenize pipeline)
- PMS Integration Service (NexHealth + Sikka ONE adapters)
- Communications Service (Twilio HIPAA, consent registry, 10DLC)
B1: Patient Features
Weeks 15-20
- Nerve Center with patient action cards
- Concierge Agent (chat, missed-call text-back <90s)
- Patient Outreach Queue & Automation Engine
- Funnel Data Lake + Executive Dashboard expansion (8 KPIs)
- Patient photo capture with consent workflow
B2: Advanced PHI + Network Rollout
Weeks 20-24
- Voice AI inbound (Twilio Voice + Media Streams, real-time PMS booking)
- Call Dashboard (patient context, transcript viewer, quality monitoring)
- Content-to-consultation attribution model
- Trust Transfer individual call analysis (Cinnamon recordings)
- Network rollout to 260+ practices (50/week rolling activation with per-practice BAA + PMS verification)
QC Gates
7 quality gates governing the build. No phase proceeds until its gate passes.
Gate A0
Week 2
Environment ready?
Platform Architect, Eng Manager
Hard Gate
Gate A1
Week 6
Infrastructure stable and PHI-free?
Platform Architect, QA, PO
Hard Gate
Gate A2
Week 10
Culture OS & Content Engine delivering value?
PO, Design Director, QA
Hard Gate
Gate A3
Week 14
PHI-free platform ready to ship?
PO, Strategist, Architect, QA, Security
Hard Gate — Ship It
Gate B0
Week 15
PHI infrastructure HIPAA-compliant?
HIPAA Counsel, Security, Architect, QA
Hard — Non-Negotiable
Gate B1
Week 20
Patient features secure and usable?
PO, Design Director, HIPAA Counsel, QA
Hard Gate
Gate B2
Week 24
Full platform ready for 260+ practices?
All reviewers + external HIPAA review
Hard — External Review
Gate B0 — The HIPAA Checkpoint: No patient data flows through ANY system until this gate passes. All 6 BAAs must be signed. PHI red-team test must show zero leakage paths. Compliance Middleware must have 100% PHI detection recall. HIPAA Compliance Counsel has veto authority. A failure here delays Phase B only — Phase A continues serving practices independently.
Build Timeline
24-week Gantt view across all sub-phases, BAA procurement, and QC gate markers.
123456
789101112
131415161718
192021222324
A0: Pre-Build
A1: Shared Infra (6 services)
A2: WS3 + WS2 Core
A3: WS1 Foundation
BAA Procurement (parallel)
B0: PHI Infrastructure
B1: Patient Features
B2: Advanced + Rollout
QC Gates
What This Changes
Original plan vs. PHI-Free-First approach — side by side.
| Dimension | Original Plan | PHI-Free First |
|---|---|---|
| Time to first working software | Week 18 | Week 10 |
| BAA blocking development | Yes — on critical path from Day 1 | No — parallel background process |
| Features in first release | 16 Tier 1 interfaces | ~30 Phase A interfaces |
| HIPAA risk during build | High — PHI flowing from Week 6 | None — zero PHI in Phase A |
| Infrastructure at start | 10 shared services (all at once) | 6 services (40% less scope) |
| WS3 scope change | N/A | None — 8/8 interfaces unchanged |
| WS2 scope change | N/A | Minor — defer patient photos, attribution |
| WS1 scope change | N/A | Significant — patient workflows deferred |
| Dev team start | After BAAs complete | Immediately |
QC Verdicts
Both quality gates passed. The PHI-free redesign is ready for development.
QC1: Product Design Director Review
PASS
Scores: WS1 4/5 | WS2 5/5 | WS3 5/5
Critical issues: 0 | Major issues: 2 | Minor issues: 5
Major items flagged:
- M1: CE-1 Capture Bot SMS contradiction — WS2 journey says "no SMS" but build plan specifies SMS via non-HIPAA gateway. Build plan is authoritative; journey document needs update.
- M2: Front Desk adoption risk — ~40% functionality in Phase A, highest-risk persona. Recommended adding "Known Adoption Risks" section and measuring engagement by CCA Academy participation, not login frequency.
Verdict: Phase A is a coherent, shippable product. The PHI-free redesign preserves core design principles while delivering genuine operational value. Fix the 2 Major items before Gate A2.
QC2: QA Engineer + Product Owner Review
PASS / COMPLETE
Critical defects: 0 | Major defects: 4 | Minor defects: 7
4 Major documentation fixes required:
- D-1: Reconcile scope analysis classifications with experience architecture (7 interface discrepancies — exp arch is authoritative)
- D-2: Update WS2 journey to reflect SMS availability in Phase A (30-minute documentation fix)
- D-3: Add AI Service core to A1 build plan (needed for caption generation, AI alerts, learning reports)
- D-4: Add "Known Adoption Risks" section to experience architecture (Front Desk persona)
Key findings:
- Cross-document consistency strong — experience architecture is canonical source
- Backlog complete — every original story preserved, modified, or explicitly deferred with rationale
- Phase A delivers standalone ROI: culture transformation, brand pipeline, executive visibility
- No Phase A features secretly require PHI — boundary is clean and auditable
- Shelfware risk: LOW-MEDIUM, concentrated in Front Desk persona
Architecture Highlights
From the Tech Lead review: technically sound, no blockers.
Separate PHI Schema
PHI tables live in a dedicated phi PostgreSQL schema — not nullable columns on shared tables.
- Clean separation and audit trail
- Schema-level GRANT policies
- Phase A services have no access to phi schema
- Tables created in A0 with RLS, zero rows until B0
Additive Kafka Evolution
Forward-compatible schema rules: Phase B adds optional fields without breaking Phase A consumers.
- 8 of 10 cross-workstream events active in Phase A
- 2 PHI events registered, no producers until B0
- Schema versioning: 1.0 (Phase A) to 1.1 (Phase B)
- No consumer redeployment required
3-Level Feature Flags
Hierarchical runtime flags: global phase, per-practice PHI enabled, per-feature activation.
- Emergency kill switch:
phase_a_only - Per-practice BAA verification gate
- Rolling activation: 50 practices/week
- Single codebase, runtime evaluated
3 Recommended Optimizations (from Tech Review)
1. Partial AI Service in A1
Build core AI Service (prompt registry, cost-tier routing, Claude API) in A1. Phase A needs caption generation, AI alerts, and learning reports. PHI filter and Whisper deferred to B0.
2. Comms Service Limited Scope in A1
Deploy SMS send API and number management for content capture briefs. Omit consent registry and HIPAA encryption. Avoids migration from non-HIPAA gateway in B0.
3. Compliance Middleware Monitoring Mode
Deploy Compliance Middleware in monitoring (not enforcement) mode during Phase A. Verify no PHI appears in any data flow. Transitions to enforcement mode when B0 activates.
Phase B Transition Principle
"Architecture for addition, not subtraction." Nothing built in Phase A is removed or restructured when Phase B activates. Tabs inject into existing containers. Dashboard KPI slots expand. Feature flags reveal hidden components. Kafka consumers receive new events from new producers. The same codebase, the same deployment, the same user sessions — just more features visible. Phase B is an expansion, not a migration.