CASE NO. 06 · HEALTHTECH / VERTICAL SAAS · MBARC VENTURE · IN DEVELOPMENT
Practice software built to clinical standards from the first commit.
Afya (Swahili for “health”) is a practice platform for chiropractic care. Patients, scheduling, SOAP-note documentation, roles, and billing, all in one multi-tenant system. The way it handles patient data was engineered HIPAA-minded from the first migration, not retrofitted afterwards. An MBARC venture, still in active development.
Built so far
The shape of it
We built the compliance spine first. Features hang off it.
The vertical gap
Chiropractic practices run on generic tools. Scheduling lives in one system, clinical notes in another, billing in a third. One workflow, split across three products that were never built to know about each other.
The premise
A platform built for one specialty can hold the whole workflow. But software that keeps patient records has to earn that position. Afya started there. The encryption and the audit trail were in place before the first real feature.
The constraint
Non-negotiables from day one.
- Patient data encrypted field by field, each with its own key material
- Every read and write of patient data recorded
- The audit trail records what changed without storing the patient data itself
- Row-level tenant isolation on every query
- Separate permissions for reading patient data and changing it
Engineering highlights.
Scheduling that can't double-book
Every booking runs a three-clause overlap check. A new visit can start inside an existing one, end inside it, or swallow it whole, and all three cases are caught. Cancelled visits are excluded and reschedules are accounted for, so a dead appointment never holds a live slot hostage.
Slots from real calendars
A provider's weekly schedule is composed with the per-day overrides sitting on top of it, vacation and sick days included, and the result is walked into slots of the right duration. What the calendar offers is what it actually has. The two never drift apart.
An audit trail that keeps secrets
Every read and every write against a patient record is logged with a before-and-after diff. PHI is stripped from the diff itself. You can see who touched what and when, but you cannot read the protected values, because the log never held them in plaintext.
Inside the build.
Why a weekly schedule cannot be trusted.
A weekly pattern stops being true the moment a human touches it. Someone takes a day off, or a reschedule drops one visit on top of another. So the pattern is composed with its exceptions before any slot is offered, and every offer is backed by an overlap query that catches all three ways two appointments collide: one starts inside another, one ends inside another, one contains another entirely. Nothing is offered on trust.