Challenge
1. Firebase (Google) doesn't sign a business associate agreement (BAA) and is not configurable in a HIPAA-compliant manner.
2. Comply with the data privacy policies of each country and state.
3. Ensure the video conferencing system is reliable and secure, and protect it from potential data breach risks.
4. Scale personalized therapy delivery while reducing administrative burden on therapists, maintaining clinical quality.
1. Firebase (Google) doesn't sign a business associate agreement (BAA) and is not configurable in a HIPAA-compliant manner.
2. Comply with the data privacy policies of each country and state.
3. Ensure the video conferencing system is reliable and secure, and protect it from potential data breach risks.
4. Scale personalized therapy delivery while reducing administrative burden on therapists, maintaining clinical quality.
Solution
1. It turned out that Google makes exceptions on a case-by-case basis to accept products as HIPAA-eligible if they have done due diligence. The Freshcode team implemented so-called HIPAA Technical Safeguards, including Access Control, Audit Controls, Integrity, and Transmission Security, to prevent identity theft and scams. We used IAM in GCP to secure Hi Rasmus' data with Firestore and signed a BAA to satisfy HIPAA regulatory requirements.
2. Locally maintained databases in the USA, Europe, Canada, and Australia were divided and organized for low-latency environments and data security. All trackable data collected from app clients is cloud-based and stored in distributed, secure servers, making HIPAA compliance easier to achieve.
3. We utilized the Twilio cloud service to facilitate peer-to-peer (P2P) communication and ensure the required privacy. Twilio doesn't intercept the media in P2P rooms, so it's not possible to record or transcode video/audio calls in Hi Rasmus or to make it interoperable with other services.
4. We integrated multiple AI-powered features using GPT-4o to automate routine tasks and enhance therapy workflows. The implementation includes automated session note generation, voice-to-text field input for hands-free documentation, and AI-assisted program goal generation for treatment planning. Additionally, we deployed CodeRabbit for AI-powered code review, which immediately identified legacy bugs in existing code during initial testing.
1. It turned out that Google makes exceptions on a case-by-case basis to accept products as HIPAA-eligible if they have done due diligence. The Freshcode team implemented so-called HIPAA Technical Safeguards, including Access Control, Audit Controls, Integrity, and Transmission Security, to prevent identity theft and scams. We used IAM in GCP to secure Hi Rasmus' data with Firestore and signed a BAA to satisfy HIPAA regulatory requirements.
2. Locally maintained databases in the USA, Europe, Canada, and Australia were divided and organized for low-latency environments and data security. All trackable data collected from app clients is cloud-based and stored in distributed, secure servers, making HIPAA compliance easier to achieve.
3. We utilized the Twilio cloud service to facilitate peer-to-peer (P2P) communication and ensure the required privacy. Twilio doesn't intercept the media in P2P rooms, so it's not possible to record or transcode video/audio calls in Hi Rasmus or to make it interoperable with other services.
4. We integrated multiple AI-powered features using GPT-4o to automate routine tasks and enhance therapy workflows. The implementation includes automated session note generation, voice-to-text field input for hands-free documentation, and AI-assisted program goal generation for treatment planning. Additionally, we deployed CodeRabbit for AI-powered code review, which immediately identified legacy bugs in existing code during initial testing.
Results
Services rendered & Deliverables
1. Process automation: Automate repetitive tasks like data entry, document processing, and routine analysis with AI-powered RPA and workflow engines. We eliminate manual bottlenecks in your operations so your team can focus on tasks at hand instead of administrative overhead.
2. Legacy system modernization: Upgrade outdated infrastructure to work with modern AI tools without a complete overhaul. We add connectivity layers, migrate data architectures, and refactor systems so your existing platforms can support intelligent features and integrate with AI technologies.
3. Predictive analytics & forecasting: Turn historical data into actionable foresight. We build models that analyze patterns in your operations to predict demand, identify risks before they escalate, forecast trends and support proactive decision-making using the data you're already collecting.
4. NLP & document automation: Process unstructured text and documents at scale with natural language understanding. From voice-to-text transcription to automated report generation and intelligent document extraction, we integrate LLMs that read, understand and act on information trapped in documents. Our prompt engineering expertise ensures language models deliver consistent, accurate results tailored to your specific terminology.
Business Impact
1. Top ABA software: ranked among the top ABA data collection software for small practices
2. 20% monthly growth in customer base since the first deliverables
3. 700+ clinics across the USA, Europe, Australia, and the UAE
4. 150,000+ AI-generated session notes monthly
5. HIPPA-compliant: the only platform in its category able to deliver a HIPAA-compliant TeleHealth solution
6. P2P video AI-generated session notes monthly
Services rendered & Deliverables
1. Process automation: Automate repetitive tasks like data entry, document processing, and routine analysis with AI-powered RPA and workflow engines. We eliminate manual bottlenecks in your operations so your team can focus on tasks at hand instead of administrative overhead.
2. Legacy system modernization: Upgrade outdated infrastructure to work with modern AI tools without a complete overhaul. We add connectivity layers, migrate data architectures, and refactor systems so your existing platforms can support intelligent features and integrate with AI technologies.
3. Predictive analytics & forecasting: Turn historical data into actionable foresight. We build models that analyze patterns in your operations to predict demand, identify risks before they escalate, forecast trends and support proactive decision-making using the data you're already collecting.
4. NLP & document automation: Process unstructured text and documents at scale with natural language understanding. From voice-to-text transcription to automated report generation and intelligent document extraction, we integrate LLMs that read, understand and act on information trapped in documents. Our prompt engineering expertise ensures language models deliver consistent, accurate results tailored to your specific terminology.
Business Impact
1. Top ABA software: ranked among the top ABA data collection software for small practices
2. 20% monthly growth in customer base since the first deliverables
3. 700+ clinics across the USA, Europe, Australia, and the UAE
4. 150,000+ AI-generated session notes monthly
5. HIPPA-compliant: the only platform in its category able to deliver a HIPAA-compliant TeleHealth solution
6. P2P video AI-generated session notes monthly