McBee + Daisy AI — Technical Architecture

For Alan (VP Engineering) Review

Page 1 — System Boundaries & Data Flow

Who Owns What

┌─────────────────────────────────────────────────────────────────────────────┐
│                           SYSTEM BOUNDARY DIAGRAM                            │
├─────────────────────────────────────────────────────────────────────────────┤
│                                                                              │
│   ┌──────────────────────────────────────────────────────────────────────┐  │
│   │                        McBEE OWNS                                     │  │
│   │  ┌─────────────┐    ┌─────────────┐    ┌─────────────────────────┐   │  │
│   │  │  Hospital   │───►│   McBee     │    │   Criteria Workflow     │   │  │
│   │  │  EHR/PDFs   │    │   Intake    │    │   (MCG/InterQual)       │   │  │
│   │  │             │    │             │    │                         │   │  │
│   │  │  • Epic     │    │  • Secure   │    │  • Nurse applies        │   │  │
│   │  │  • Cerner   │    │    share    │    │    criteria manually    │   │  │
│   │  │  • PDFs     │    │  • SFTP     │    │  • Clinical decisions   │   │  │
│   │  └─────────────┘    └──────┬──────┘    │  • QA review            │   │  │
│   │                            │           └────────────▲────────────┘   │  │
│   └────────────────────────────┼────────────────────────┼────────────────┘  │
│                                │                        │                    │
│                                ▼                        │                    │
│   ┌──────────────────────────────────────────────────────────────────────┐  │
│   │                        DAISY AI OWNS                                  │  │
│   │                                                                       │  │
│   │   ┌─────────────┐    ┌─────────────┐    ┌─────────────────────────┐  │  │
│   │   │  Ingest     │───►│  Summarize  │───►│  Review UI              │  │  │
│   │   │             │    │             │    │                         │  │  │
│   │   │  • Parse    │    │  • Extract  │    │  • Summary view         │  │  │
│   │   │  • Index    │    │  • Timeline │    │  • Timeline view        │──┘  │
│   │   │  • Encrypt  │    │  • UM Flags │    │  • Copy/paste to        │     │
│   │   │             │    │  • Template │    │    criteria workflow    │     │
│   │   └─────────────┘    └─────────────┘    └─────────────────────────┘     │
│   │                                                                          │
│   │   Security: TLS transport, encrypted at rest, audit logging, HIPAA      │
│   └──────────────────────────────────────────────────────────────────────────┘
│                                                                              │
└─────────────────────────────────────────────────────────────────────────────┘

Key Boundaries

Component	Owner	Notes
Hospital EHR access	McBee	McBee has existing relationships
Secure intake (SFTP/share)	McBee	McBee's existing data pipeline
Document ingestion	Daisy AI	Parse, index, encrypt clinical docs
AI summarization	Daisy AI	Extract, timeline, flags
Nurse review UI	Daisy AI	Web-based, copy/paste output
Criteria application	McBee	Nurse applies MCG/InterQual manually
Clinical decisions	McBee	Human judgment always

No PHI leaves the secure environment. All processing happens within HIPAA-compliant infrastructure.

Page 2 — Technical Components

Reference Implementation: daisy-skill-1

Our core summarization engine is implemented in daisy-skill-1:

Repository: github.com/daisyai-ai/daisy-skill-1

daisy-skill-1/
├── src/
│   ├── ingest/           # Document parsing (PDF, HL7, FHIR)
│   │   ├── pdf.ts        # PDF extraction
│   │   ├── hl7.ts        # HL7v2 message parsing
│   │   └── fhir.ts       # FHIR resource handling
│   ├── extract/          # Clinical entity extraction
│   │   ├── demographics.ts
│   │   ├── diagnoses.ts
│   │   ├── medications.ts
│   │   └── procedures.ts
│   ├── timeline/         # Event sequencing
│   │   └── builder.ts    # Chronological timeline from clinical events
│   ├── flags/            # UM flag detection
│   │   ├── two-midnight.ts
│   │   ├── critical-dx.ts
│   │   └── index.ts
│   ├── summarize/        # LLM-powered summarization
│   │   ├── prompts.ts
│   │   └── chain.ts
│   └── output/           # Template formatting
│       └── templates/    # Customer-specific templates (McBee goes here)
└── tests/

Core Pipeline (Pseudocode)

// Main processing pipeline
async function processChart(caseId: string, files: File[], template: Template) {
  // 1. Ingest documents
  const documents = await ingest(files);       // Parse PDFs, extract text/structure

  // 2. Extract clinical entities
  const entities = await extractEntities(documents);
  // Returns: demographics, diagnoses, medications, procedures, labs

  // 3. Build timeline
  const timeline = buildTimeline(entities);
  // Returns: chronological sequence of events with timestamps

  // 4. Detect UM flags
  const flags = detectUMFlags(entities, timeline);
  // Returns: Array<{type, data, confidence}>

  // 5. Generate summary
  const summary = await summarize(entities, timeline, flags, template);
  // Returns: Structured summary matching McBee's template format

  return { summary, timeline, flags };
}

UM Flag Detection (McBee-Specific)

// Two-Midnight Rule (Medicare requirement)
function flagTwoMidnight(timeline: Timeline): UMFlag | null {
  const admitTime = timeline.events.find(e => e.type === 'admission')?.timestamp;
  const firstTreatment = timeline.events.find(e => e.type === 'treatment')?.timestamp;

  if (admitTime && firstTreatment) {
    return {
      type: 'START_OF_SERVICE',
      label: 'Two-Midnight Start of Service',
      data: {
        admitTime,
        firstTreatment,
        hoursDiff: diffHours(admitTime, firstTreatment)
      },
      confidence: 0.95
    };
  }
  return null;
}

// Critical Diagnosis Detection
function flagCriticalDiagnosis(entities: Entities): UMFlag[] {
  const CRITICAL_ICD10 = ['I21', 'I63', 'J96', 'N17', 'K85']; // Sample list

  return entities.diagnoses
    .filter(dx => CRITICAL_ICD10.some(prefix => dx.code.startsWith(prefix)))
    .map(dx => ({
      type: 'CRITICAL_DX',
      label: 'Critical Diagnosis',
      data: { code: dx.code, description: dx.description },
      confidence: 0.90
    }));
}

Integration Interfaces

// Data source abstraction
interface DataSource {
  listCases(start: Date, end: Date): Promise<CaseRef[]>;
  fetchCase(caseId: string): Promise<CaseData>;
}

// Implementations for McBee pilot
class SecureShareSource implements DataSource {
  // SFTP or secure file share from McBee intake
  constructor(private config: { host: string; path: string; credentials: Credentials }) {}
  // ...
}

class Hl7FeedSource implements DataSource {
  // HL7v2 ADT feed from hospital (if available)
  constructor(private config: { endpoint: string; port: number }) {}
  // ...
}

// Template output
interface OutputTemplate {
  name: string;           // e.g., "McBee Standard Summary"
  sections: string[];     // Required sections in order
  format: 'text' | 'html' | 'markdown';
}

Security Overview

For full details, see the Daisy AI Security Deck (separate document for Alan).

Control	Implementation
Encryption at Rest	Neon Postgres with AES-256 encryption
Encryption in Transit	TLS 1.3 for all connections
Access Control	Role-based access, SSO integration available
Audit Logging	All access and actions logged with timestamps
Data Retention	Configurable per customer, default 90 days
HIPAA	BAA available, HIPAA-compliant infrastructure

PHI Handling:

PHI stays within Daisy AI's secure environment
No PHI sent to third-party LLM APIs without explicit configuration
Option for fully on-premise deployment if required

Next: Security Deck for Alan

A separate security deck covers:

Infrastructure architecture (Vercel, Neon, Clerk)
Data flow diagram with encryption points
Access controls and authentication
Incident response procedures
SOC 2 Type II compliance roadmap