Your front desk, with
deterministic guardrails

An AI agent that handles scheduling, intake, insurance, and patient questions — with hard policy enforcement between the AI and your EHR.

Flow diagram: Patient input ("Cancel my appointment") → LLM understands, fuzzy (Intent: cancel; Tool: ehr_cancel) → Policy engine, deterministic (hard rules + workflows; 48h window check: BLOCKED) → LLM responds, fuzzy ("Our policy requires 48h notice...") → Supervisor, LLM audit (audit response: APPROVED)

Four layers, each doing
what it's best at

LLMs handle understanding and language. Code handles decisions. A separate LLM audits the output.

01
LLM understands the patient
The LLM reads the message, classifies intent, extracts entities, and decides which tools to call. Handles ambiguity, context, and natural language.
Fuzzy
02
Deterministic code gates every action
Before any tool touches your EHR, the policy engine evaluates hard rules and workflow prerequisites. Pure functions, zero latency, zero cost.
Deterministic
03
LLM generates the response
With the tool result in hand, the LLM writes a natural language response. Persona, tone, length — all configurable by clinic admins.
Fuzzy
04
Supervisor audits the response
A separate LLM call reviews against every live guidance rule and persona setting. Violations trigger a retry. Double failure escalates to staff.
LLM Audit

Everything a front desk does, automated

The full patient interaction lifecycle — from first question to booked appointment — with real EHR integration.

Appointment scheduling

Searches available slots across providers, filters by insurance and appointment type, and books directly into your EHR. Supports new patient intake with full registration flow.

HIPAA-grade verification

Two-step OTP verification before any patient data is accessed. Identical responses whether or not a record exists — preventing enumeration attacks.
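
One way to build the two-step check described above so that the reply cannot be used to enumerate patients; this is an added example, not the product's code. The function names, the in-memory stores, the 10-minute expiry and the 5-attempt limit are assumptions.

```javascript
// Added example, not the product's code. Names, stores and limits are assumptions.
const crypto = require("crypto");

// The same reply is returned whether or not a record matched.
const GENERIC_REPLY = "I've sent a verification code to the email address we have on file.";
const OTP_TTL_MS = 10 * 60 * 1000;
const MAX_ATTEMPTS = 5;
const sha256 = (s) => crypto.createHash("sha256").update(s).digest();

// Constructed sample record for trying the functions out.
const SAMPLE_PATIENTS = [{ id: "p1", name: "Jane Smith", dob: "1985-03-15", email: "jane@example.test" }];

// Step 1: issue a code only when a record matches, but never reveal which path ran.
function initiateVerification(patients, pending, sessionId, name, dob, now, send) {
  const patient = patients.find((p) => p.name === name && p.dob === dob);
  const code = String(crypto.randomInt(0, 1000000)).padStart(6, "0");
  if (patient) {
    // Store only a hash of the code, with an expiry and an attempt counter.
    pending.set(sessionId, { patientId: patient.id, hash: sha256(code), expires: now + OTP_TTL_MS, attempts: 0 });
    send(patient.email, code); // queue this in a real system so reply timing does not differ
  }
  return { reply: GENERIC_REPLY };
}

// Step 2: bounded attempts, constant-time comparison, single use.
function verifyCode(pending, sessionId, code, now) {
  const entry = pending.get(sessionId);
  if (!entry || now > entry.expires || entry.attempts >= MAX_ATTEMPTS) {
    pending.delete(sessionId);
    return { verified: false };
  }
  entry.attempts += 1;
  if (!crypto.timingSafeEqual(entry.hash, sha256(String(code)))) return { verified: false };
  pending.delete(sessionId);
  return { verified: true, patientId: entry.patientId };
}
```

A wrong code and a session with no pending code produce the same `{ verified: false }` result, so the second step leaks nothing either.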

Insurance verification

Real-time eligibility checks against your EHR. Matches patients to in-network providers automatically. Handles self-pay pricing transparently.

Policy enforcement

Deterministic hard rules gate every action. 48-hour cancellation window, 90-day booking horizon, staff-only appointment types — configured by admins, enforced by code.

New patient onboarding

Collects registration info conversationally — demographics, insurance card via photo upload, preferred provider. Books the first appointment in a single flow.

Compliance auditing

Every tool call, PHI access, policy violation, and supervisor verdict logged to date-partitioned JSONL. Full audit trail for HIPAA compliance review.

Every conversation, measured

Real-time dashboard with KPIs, conversion funnels, outcome breakdowns, activity heatmaps, and full audit trails. Know exactly what your agent is doing.

  • Conversations: 1,247 (12 active)
  • Resolved: 78% (973 total)
  • Escalated: 4.2% (52 total)
  • Avg Duration: 3.8m (6.2 messages)
  • Booking Rate: 34% (424 booked)
  • Violations: 0 (0 policy, 0 supervisor)

Conversations over time

Daily volume with resolution rate overlay

Conversion funnel

Drop-off at each stage
  • All conversations: 1,247
  • Engaged: 1,098
  • Used tools: 885
  • Scheduling: 599
  • Completed: 424

Outcomes breakdown

By conversation result
  • booked: 374
  • resolved: 249
  • info_only: 187
  • registered: 50
  • escalated: 52
  • dropped: 75

Activity by hour

Conversation volume across 24 hours
Peak: 10:00 AM — 127 conversations

Full audit trail

Every action logged to JSONL
09:41:02 session_start — sid_a7f2
09:41:08 tool_call — ehr_initiate_verification
09:41:34 patient_verification — success
09:41:35 phi_access — patient_record
09:41:41 tool_call — ehr_get_available_slots
09:41:48 policy_violation — 48h cancellation window
09:41:52 supervisor_verdict — approved (1.8s)
09:42:15 session_end — outcome: booked
Session detail
Full transcripts with timestamps, tool logs, and linked audit events per conversation
Real-time
Active conversations update live. Monitor in-progress sessions as they happen
Filtering
Filter by outcome, date range, tools used. Pre-built views for escalated and dropped sessions
Notes & tags
Internal notes and tags on any session for team coordination and follow-up tracking

Two enforcement layers,
zero trust in the LLM

The LLM is powerful but unreliable. We use it for what it's good at and constrain it with code for everything else.

Prompt-only guardrails

The fragile approach

  • Rules injected into system prompt
  • LLM "decides" whether to follow them
  • Vulnerable to prompt injection
  • No audit trail of violations
  • Can't enforce tool ordering
  • Medical advice may slip through
Deterministic + supervisor

The layered approach

  • Hard rules evaluated as code before tools execute
  • Workflow prerequisites enforced by session state
  • Separate LLM audits every response before delivery
  • Agent retries with violation feedback on block
  • Double failure escalates to human staff
  • Full audit log of every enforcement action

Hard rule enforcement

P: "I need to cancel my appointment tomorrow morning"
A: Agent calls ehr_cancel_appointment
POLICY BLOCKED — time_within_hours: 48h
A: "Our policy requires at least 48 hours notice for cancellations. I can connect you with our front desk for assistance."

Supervisor catch & retry

P: "What should I take for my headaches?"
A: Agent drafts response with OTC recommendation
SUPERVISOR BLOCKED — medical advice
S: Violation fed back to agent → retry
A: "I'm not able to provide medical advice. I'd recommend discussing your headaches with your provider. Would you like me to help you schedule an appointment?"
SUPERVISOR APPROVED

Workflow prerequisite

P: "Book me in for Thursday with Dr. Chen"
A: Agent calls ehr_book_appointment
WORKFLOW BLOCKED — missing ehr_check_eligibility
A: "Before I book that, I'll need to verify your insurance eligibility. Could you confirm the name of your insurance provider?"

OTP identity verification

P: "Can I see my lab results?"
A: "I'd be happy to help with that. For your security, I'll need to verify your identity first. Could you provide your full legal name and date of birth?"
P: "Jane Smith, 03/15/1985"
A: "I've sent a verification code to the email address we have on file. Please share the 6-digit code when you receive it."

Business logic as configuration, not code

Admins configure rules through the dashboard. Each rule is a pure function — field, operator, value. No LLM, no latency, no cost.

config/policy-rules.json
{
  "name": "48-hour cancellation window",
  "tool": "ehr_cancel_appointment",
  "status": "live",
  "severity": "high",
  "check": {
    "phase": "pre",             // before tool executes
    "field": "input.appointmentDate",
    "operator": "time_within_hours",
    "value": 48
  },
  "action": "block",
  "message": "Our policy requires at least 48 hours notice..."
}

Built-in operators

Cover ~90% of healthcare policy needs. New operators are a single function drop.

Operator                     Example                        Description
time_within_hours            appointmentDate within 48h     Time proximity check
time_beyond_days             appointmentDate beyond 90d     Time distance check
equals / not_equals          status equals "cancelled"      Exact match
in_list / not_in_list        payer in ["Aetna","BCBS"]      Set membership
greater_than / less_than     amount > 500                   Numeric comparison
contains / not_contains      reason contains "emergency"    String search
regex_match                  field matches pattern          Regex evaluation
is_empty / is_present        insurancePayer is_present      Existence check
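
A sketch of how rules in this format can be evaluated as pure functions before a tool runs; it is an added example, not the product's code, and implements three of the operators. The operator semantics, the fail-closed handling of missing or unparseable fields, and the `input.appointmentTypeId` field are assumptions.

```javascript
// Added example, not the product's code. Operator semantics and fail-closed handling are assumptions.
const HOUR_MS = 3600 * 1000;
// Milliseconds from `now` until the date string `v`; throws if it cannot be parsed.
function msUntil(v, now) {
  const delta = Date.parse(v) - now;
  if (Number.isNaN(delta)) throw new Error("unparseable date");
  return delta;
}

// Pure functions (fieldValue, ruleValue, now) -> true when the rule's condition matches.
const OPERATORS = {
  time_within_hours: (v, hours, now) => msUntil(v, now) < hours * HOUR_MS,
  time_beyond_days: (v, days, now) => msUntil(v, now) > days * 24 * HOUR_MS,
  in_list: (v, list) => list.includes(v),
};

// Resolve a dotted path such as "input.appointmentDate" without eval.
function resolveField(ctx, path) {
  return path.split(".").reduce((o, k) => (o == null ? undefined : o[k]), ctx);
}

// Decide one tool call before it runs: { allowed, rule?, message? }.
function evaluateRules(rules, tool, input, now = Date.now()) {
  for (const rule of rules) {
    if (rule.tool !== tool || rule.status !== "live" || rule.check.phase !== "pre") continue;
    let matched;
    try {
      const op = OPERATORS[rule.check.operator];
      const value = resolveField({ input }, rule.check.field);
      if (!op || value === undefined) throw new Error("cannot evaluate");
      matched = op(value, rule.check.value, now);
    } catch {
      matched = true; // fail closed: a rule that cannot be evaluated blocks the call
    }
    if (matched && rule.action === "block") {
      return { allowed: false, rule: rule.name, message: rule.message };
    }
  }
  return { allowed: true };
}
// Constructed sample rules in the page's format ("input.appointmentTypeId" is a hypothetical field).
const SAMPLE_RULES = [
  { name: "48-hour cancellation window", tool: "ehr_cancel_appointment", status: "live",
    check: { phase: "pre", field: "input.appointmentDate", operator: "time_within_hours", value: 48 },
    action: "block", message: "constructed: 48h notice required" },
  { name: "Staff-only appointment types", tool: "ehr_book_appointment", status: "paused",
    check: { phase: "pre", field: "input.appointmentTypeId", operator: "in_list", value: ["AT07", "AT09"] },
    action: "block", message: "constructed: staff-only type" },
];
```

Because the tool input is produced by the LLM, the evaluator treats a missing field, an unparseable date or an unknown operator as a match, so a malformed call is blocked rather than waved through.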

Deterministic workflows

Enforce tool ordering without coding state machines. The engine tracks completed tools per session and blocks actions whose prerequisites haven't been met.

config/policy-workflows.json
{
  "name": "Insurance check before booking",
  "trigger": "ehr_book_appointment",
  "requires": ["ehr_check_eligibility"],
  "then": ["stripe_request_card"],
  "message": "Insurance eligibility must be verified before booking."
}

// The engine checks session.toolLog:
//   "ehr_check_eligibility" completed? → allow ehr_book_appointment
//   Not completed? → block with message
//   After booking succeeds: inject "call stripe_request_card" into result
  • Prerequisite: Check eligibility (must succeed before booking)
  • Trigger: Book appointment (gated by prerequisites)
  • Follow-up: Collect payment (injected into result)
  • Audit: Supervisor review (final compliance check)
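
The prerequisite check described above, written out as an added example (not the product's code). The `toolLog` entry shape `{ tool, ok }` and the `nextActions` result field are assumptions; the point it shows is that a prerequisite which was attempted but failed does not unlock the trigger.

```javascript
// Added example, not the product's code. The toolLog entry shape and `nextActions` are assumptions.
const SAMPLE_WORKFLOWS = [
  { name: "Insurance check before booking", trigger: "ehr_book_appointment",
    requires: ["ehr_check_eligibility"], then: ["stripe_request_card"],
    message: "Insurance eligibility must be verified before booking." },
];

// Tools that completed successfully in this session. Failed or blocked calls do not count.
function completedTools(session) {
  return new Set(session.toolLog.filter((e) => e.ok).map((e) => e.tool));
}

// Gate a tool call on its workflow prerequisites: { allowed, missing, message? }.
function checkPrerequisites(workflows, session, tool) {
  const done = completedTools(session);
  for (const wf of workflows) {
    if (wf.trigger !== tool) continue;
    const missing = wf.requires.filter((t) => !done.has(t));
    if (missing.length > 0) return { allowed: false, missing, message: wf.message };
  }
  return { allowed: true, missing: [] };
}

// Run a tool through the gate, record the outcome, and attach follow-up tools on success.
function runTool(workflows, session, tool, execute) {
  const gate = checkPrerequisites(workflows, session, tool);
  if (!gate.allowed) {
    session.toolLog.push({ tool, ok: false, blocked: true });
    return { blocked: true, missing: gate.missing, message: gate.message };
  }
  let result;
  try {
    result = execute();
    session.toolLog.push({ tool, ok: true });
  } catch (err) {
    session.toolLog.push({ tool, ok: false }); // a failed call never satisfies a prerequisite
    throw err;
  }
  const nextActions = workflows.filter((w) => w.trigger === tool).flatMap((w) => w.then || []);
  return { blocked: false, result, nextActions };
}
```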

Configure everything,
deploy nothing

Persona, guidance, hard rules, workflows, knowledge — all managed through the dashboard. Changes take effect immediately.

Admin Dashboard — Hard Rules

Hard Rules

2 active of 3 total

48-hour cancellation window
ehr_cancel_appointment — time_within_hours 48
live block high
90-day booking horizon
ehr_book_appointment — time_beyond_days 90
live block
Staff-only appointment types
ehr_book_appointment — in_list ["AT07","AT09"]
paused block
  • Policy check latency: 0ms
  • Per policy evaluation: $0
  • Built-in operators: 13
  • Deterministic: 100%

Flexible enough to handle anything,
safe enough for healthcare

Most healthcare chatbots are rigid scripts. Ours is a real AI — with real guardrails.

Traditional healthcare chatbots follow a script. "Press 1 for scheduling. Press 2 for billing." Every patient question needs a pre-built path. If a patient asks something unexpected, the bot is stuck. Adding a new capability means writing new code, testing it, deploying it.

Our agent works differently. It actually understands what patients are asking for — whether that's rescheduling an appointment, checking insurance coverage, or asking about lab results. It can handle follow-up questions, combine requests, and navigate conversations naturally, the way your front desk staff would.

The obvious concern: what if the AI says something it shouldn't? What if it gives medical advice, cancels an appointment it shouldn't, or shares information with the wrong person?

That's what the two enforcement layers solve.

Before the agent can take any action in your EHR — book, cancel, look up records — the policy engine checks it against your clinic's rules. If a patient tries to cancel within your 48-hour window, the action is blocked instantly. No AI judgment call. No "it depends." The code says no.

After the agent writes its response, a separate AI reviewer checks it against your guidelines before the patient sees it, catching medical advice, off-brand tone, and information that shouldn't be shared. If the response doesn't pass, the agent tries again. If it fails twice, the conversation goes to your staff — a human is always the backstop.

The result: your patients get a fast, natural, helpful experience — and you get layered safeguards that dramatically reduce the risk of the agent going off-script.

One script tag on your website

Embed the chat widget with a single line. Configure everything server-side.

Embeddable widget

Add the script tag to any page. The widget loads asynchronously, fetches your clinic config, and renders a floating chat button.

  • Customizable accent color and position
  • Custom greeting message
  • Session persistence across page navigation
  • Mobile-optimized with safe area support
  • Image upload for insurance cards
  • Inline appointment picker widget
your-website.html
<script
  src="https://agent.yourclinic.com/widget.js"
  data-api-url="https://agent.yourclinic.com"
  data-api-key="hca_your_key_here"
  data-accent="#0f766e"
  data-position="right"
  data-greeting="Hi! How can we help?">
</script>

EHR integrations

Plug into your existing system. Adapter pattern supports multiple EHRs.

Healthie
athenahealth
FHIR R4
Custom adapter
Get started

Ready to automate
your front desk?

Deploy in minutes. Configure without code. Enforce with certainty.
