AWS
Cloud
Currently in development.
Hospital Manage
A governance-first operating system for hospitals.
Designed to turn organizational policy, authority, workflows, and auditability into day-to-day operations.
Operational model
Governance is translated into operational execution through a chain of constrained decisions.
In development
Policy
Authority
Execution
Auditability
Scope-first
Authority is computed from organizational context first.
Version-aware
Workflows and capabilities remain tied to their historical shape.
The Problem
Hospitals are not a single team.
Authority exists at multiple levels.
Organizations govern hospitals.
Hospitals govern branches.
Branches run operations.
Departments execute work.
The challenge was not managing users.
The challenge was determining who should be allowed to do what, where, and under which conditions.
Organization
Hospital
Branch
Department
What I Owned
Governance Design
Authorization Design
Workflow Modeling
System Architecture
Database Design
Backend
Frontend
Deployment
Tools I Used
Official marks from the tools and platforms used to design, build, deploy, and operate the system.
AWS KMS
Key management
AWS Lambda
Serverless compute
AWS EC2
Compute
Cloudflare R2
Object storage
VS Code
Editor
Next.js
Framework
Tailwind CSS
Styling
Git
Version control
GitHub
Repository hosting
Vercel
Deployment
pnpm
Packages
Codex
Coding agent
Claude Code
Coding agent
Cloudflare Wrangler
CLI
The System That Interested Me Most
ComplexityVery High
Authorization Model
A user's authority is not a role.
It is the result of many layers of decisions, restrictions, exceptions, and organizational context.
Roles were not enough.
Authority depended on:
Organization
Hospital
Branch
Department
Designation
User Overrides
The final authority model is scope-first, ceiling-constrained, and context-aware.
This became the foundation for workflows, approvals, encounters, and operational execution.
Organization
Hospital
Branch
Department
Designation
User Overrides
Scope-first
Ceiling-constrained
Context-aware
System Architecture
The architecture is built around four independent ideas.
Organization
Hospital
Branch
Governance
Defines who can govern what.
Restrictions
Designation
Overrides
Effective Authority
Authority
Determines what a person can actually do.
Workflow
Appointment
Encounter
Completion
Execution
Turns configured workflows into operational work.
Workflow Version
Capability Version
Operational Action
Auditable History
Auditability
Preserves historical truth.
Systems Designed
ComplexityVery High
Capability Snapshot Architecture
Precomputed capability snapshots used as the effective permission source.
ComplexityVery High
Multi-Level Authorization
Authority composed from scopes, designations, restrictions, and user-specific overrides.
ComplexityHigh
Workflow Execution Model
Separating workflow definition from workflow execution.
ComplexityHigh
Audit-First System Design
Designing operational systems around historical truth.
Architecture Preview
01
Authority Inputs
02
Capability Snapshot
03
Workflow Execution
04
Operational Actions
05
Auditable History
This system separates:
Identity from Authority.
Policy from Execution.
Current Truth from Historical Truth.
Project Snapshot
Governance-First Hospital Platform
Currently in development.
Designed around:
Authorization
Workflow Execution
Capability Computation
Auditability
Multi-Scope Governance
Next
Interested in how these decisions were made?
The Engineering Notes explain the architecture behind capability snapshots, workflow execution, authorization, and auditability.