The three engineering challenges that determine whether ambient AI documentation ships into a health system or fails security review, and the architecture that satisfies each one.
The Engineering Lead Lost Six Months.
Physicians spend 2.1 hours documenting for every 1 hour of patient care. ED is worse, at 2.8x. The problem is structural and not solved by a better LLM.
Teams ship models that work in demos and fail in production because the surrounding infrastructure was never specified.
Patient encounter audio is PHI. General-purpose cloud speech APIs that retain audio cannot satisfy BAA requirements. Teams need HIPAA-compliant, low-latency speech infrastructure.
Notes must map into the correct Epic sections for SOAP, procedure, or ED encounters — per customer configuration, per department, per template preference. The FHIR spec does not cover this.
Thousands of hours per day require encrypted, retention-policy-aware, deletion-capable HIPAA-compliant storage. 7–10 year retention. Audit, legal hold, and patient-request deletion all required.
Encrypted streaming audio, on-prem or BAA-covered cloud, with sub-5-second draft latency. General cloud speech APIs that retain audio are disqualified at procurement.
Mapping layer per EHR vendor, per customer Epic configuration, per department template. The model is one piece; the integration is the product.
Encryption at rest, 7–10 year retention, legal hold, audit logs, and patient-request deletion. Hospital IT teams reject vendors that have not built for this.
HIPAA-compliant audio passes security review at procurement instead of stalling deals.
Patient encounter audio is PHI. Most general cloud speech APIs retain audio for service improvement and cannot satisfy a BAA. Health system security review disqualifies them at procurement.
Typically 7–10 years depending on state medical record retention law. Encryption at rest, audit logs, legal hold capability, and patient-request deletion are all required.
A mapping layer specific to the EHR vendor, the customer's Epic configuration, and often the department's note template preferences. None of which appears in the FHIR specification.
