Slice Release Readiness
Execution-layer artifact. Companion to ROADMAP.md. Binary gates per slice across 8 dimensions.
Dimensions
| Code | Dimension | Definition |
|---|---|---|
| F | Functional | User stories delivered and verified |
| N | Non-functional | SLOs met, load tested, scale verified |
| A | AI readiness | Prompt regression, safety, provenance, budget, degradation |
| O | Offline readiness | Airplane-mode E2E, sync, conflict, stale-data, encryption |
| S | Security | Tenant isolation, pen-test, threat model, audit, PHI encryption |
| T | Multi-tenant | Isolation, RLS, per-tenant quotas, config, theming |
| V | Observability | SLOs, dashboards, runbooks, alerts, tracing |
| D | Documentation | API docs, event catalog, runbooks, user docs, FHIR profiles |
Slice 0 — Platform Foundation (M0)
F — Functional
- Tenant provisioning + hierarchy DAG operational (TEN-EPIC-01, HIER-EPIC-01)
- OIDC login via Keycloak functional (IAM-EPIC-01)
- Module licensing enforcement returns 422 for unlicensed access (LICN-EPIC-01)
- RBAC baseline evaluates role-based policies (ACPOL-EPIC-01)
- Audit log records all PHI access/modification events (AUD-EPIC-01)
- Config-resolver delivers tenant-specific configuration (CFG-EPIC-01)
- FHIR gateway routes requests to backend services (FHIR-EPIC-01)
- Platform-admin: tenant ops + user management functional (PADM-EPIC-01)
- Desktop Electron: OIDC login + IPC + capability map (DESK-EPIC-01)
- Desktop: SQLite initialized + outbox queuing + sync round-trip (DESK-EPIC-02)
N — Non-functional
- API p95 latency < 500ms for platform services
- Event delivery latency p95 < 200ms (NATS JetStream)
- Sync round-trip < 5s for 100 queued mutations
- Platform supports 100 concurrent users across 2 tenants
A — AI readiness
- AI gateway responds to
/ai/complete,/ai/moderate,/ai/redact-pii - Prompt registry stores and retrieves versioned system prompts
- Safety classifier rejects harmful inputs
- PII redactor strips sensitive data before cloud calls
- Per-tenant AI budget tracking functional
- Provenance tag on all AI outputs
O — Offline readiness
- Desktop boots offline with cached auth token
- SQLite initialized with tenant-scoped schema
- Outbox queues mutations while offline
- Sync engine pulls server state on reconnect
- Conflict resolution resolves test scenario (LWW)
- PHI encrypted at rest in SQLite
- Device binding: unregistered device rejected
S — Security
- Two-tenant CI suite: cross-tenant access blocked
- RLS policies on all PostgreSQL tables
- Kong JWT validation on all public routes
- Rate limiting per tenant configured
- PHI encrypted at rest (PostgreSQL + SQLite)
- Audit log hash chain integrity verified
- No hardcoded secrets in codebase (automated scan)
T — Multi-tenant
- Tenant provisioning creates isolated database schemas
- Hierarchy DAG scoping operational
- Module licensing per hierarchy node
- Config-resolver returns tenant-specific themes and flags
- Cross-tenant event filtering verified
V — Observability
- Prometheus metrics for all M0 services
- Grafana dashboards for platform services
- OTel tracing: Kong → service → NATS → consumer
- Health probes functional (
/health/live,/health/ready) - Alert rules for: service down, error rate > 1%, latency > 1s
D — Documentation
- API docs (OpenAPI 3.1) for all M0 services
- Event catalog (NATS subjects + CloudEvents schemas)
- FHIR resource profiles documented
- Sync protocol specification documented
- Desktop IPC channel reference documented
- Runbook: tenant provisioning, Keycloak admin, Kong config
Slice 1 — Core Clinical (M1)
F — Functional
- Patient registration with duplicate detection operational (REG-EPIC-01)
- Appointment scheduling with multi-provider calendars (SCHED-EPIC-01)
- Provider directory + facility management functional (PROV-EPIC-01, FAC-EPIC-01)
- Patient chart aggregation displaying longitudinal record (PCHART-EPIC-01)
- SOAP clinical notes with templates + signing (CNOTE-EPIC-01)
- Vital signs capture + trending + alerts (VIT-EPIC-01)
- Problem list management with ICD-10 coding (PROB-EPIC-01)
- Allergy recording with severity + reaction tracking (ALG-EPIC-01)
- Medication prescribing with drug safety checks (MED-EPIC-01)
- Desktop EHR core: registration → scheduling → chart → notes (DESK-EPIC-03)
- 3+ pilot clinics operational for 2+ weeks
N — Non-functional
- API p95 < 500ms for all clinical services
- Page load < 2s for patient chart (p95)
- Search results < 1s for patient lookup
- System supports 50 concurrent clinicians per clinic
A — AI readiness
- AI clinical note auto-suggestion functional
- AI drug safety enrichment operational
- AI ICD-10 code suggestion from free text
- Graceful degradation: AI features hidden when unavailable
- Prompt regression tests pass for all clinical prompts
O — Offline readiness
- Patient registration works fully offline → sync → server
- Appointment viewing from cached schedules
- Chart browsing from FHIR bundle cache
- Clinical note drafting offline → sync on reconnect
- Vital signs captured offline
- Full workflow functional during 10-minute network outage
- Stale-data indicator shows "Last synced X minutes ago"
S — Security
- Clinical service tenant isolation verified
- ABAC policies for clinical data access
- Break-glass access documented and audited
- PHI audit events for all patient data access
- Drug safety override requires documented reason
T — Multi-tenant
- Clinical data isolated per tenant
- Provider directory scoped to tenant + hierarchy node
- Facility management scoped to tenant
- Per-tenant clinical note templates
V — Observability
- Clinical service SLOs defined and dashboarded
- Sync success/failure rate dashboarded
- Offline mutation queue depth dashboarded
- Clinical workflow traces end-to-end
D — Documentation
- Clinical API docs (FHIR + REST)
- Clinical FHIR profiles (Patient, Encounter, Observation, etc.)
- Offline workflow documentation for pilot clinic staff
- Runbook: pilot clinic deployment, sync troubleshooting
Slice 2 — Orders & Diagnostics Entry (M2)
F — Functional
- Lab/radiology/nursing orders placed and routed (ORD-EPIC-01)
- Order safety checks (duplicate, allergy, interaction) functional
- Results received, trended, and critical alerts firing (RES-EPIC-01)
- Full terminology service (ICD-10, LOINC, SNOMED CT, RxNorm)
- Charge capture per encounter functional (BILL-EPIC-01)
- Invoice generation operational (BILL-EPIC-02)
- Document templates + scanning functional (DOC-EPIC-01)
- First 3 paying clinic subscriptions signed
N — Non-functional
- Order placement → routing p95 < 500ms
- Results search < 1s
- Terminology lookup < 200ms (common codes)
- Billing invoice generation < 5s
A — AI readiness
- AI order recommendation based on diagnosis functional
- AI result interpretation assistance operational
- AI-assisted ICD-10/CPT coding functional
O — Offline readiness
- Orders queue offline with local safety checks
- Results viewable from local cache
- Charge capture records offline
- Safety checks warn when reference data stale (>24h)
S — Security
- Order authorization verified (clinician credentials)
- Billing data access audited
- Document storage encrypted
- No financial data in client-side logs
T — Multi-tenant
- Per-tenant charge master configuration
- Per-tenant terminology preferences
- Per-tenant document templates
V — Observability
- Order lifecycle dashboard (placed → routed → resulted)
- Critical alert acknowledgment tracking
- Billing revenue dashboard (per tenant)
D — Documentation
- Order codes + safety rules documented
- Billing API + charge master documentation
- FHIR ServiceRequest/DiagnosticReport profiles
Slice 3 — Integrated Care (M3)
F — Functional
- LIS: specimen tracking → accessioning → testing → result verified (LAB-EPIC-01)
- Pharmacy: dispensing workflow operational (PHARM-EPIC-01)
- E-prescribing: prescription → gateway → pharmacy → dispensed (EPRESC-EPIC-01)
- Patient portal: record access (consent-sliced) + appointment requests
- Digital communication: secure messaging + notifications
- Insurance: eligibility verification functional
- First enterprise hospital contract signed
N — Non-functional
- LIS worklist load < 2s for 500 pending specimens
- Messaging delivery < 5s end-to-end
- Patient portal page load < 2s
A — AI readiness
- AI drug interaction analysis for pharmacists
- AI clinical decision support alerts
- AI-powered search in patient portal
O — Offline readiness
- LIS worklist functional offline for 30 minutes
- Pharmacy dispensing queue functional offline
- Messaging queue functional offline
- Prescription queue offline
S — Security
- Patient portal consent enforcement verified
- Secure messaging encryption end-to-end
- Pharmacy dispensing audit trail complete
- Insurance data access audited
T — Multi-tenant
- LIS configuration per tenant
- Pharmacy formulary per tenant
- Patient portal branding per tenant
V — Observability
- LIS turnaround time dashboard
- E-prescribing success rate dashboard
- Patient portal usage analytics
D — Documentation
- LIS API + instrument integration guide
- E-prescribing gateway specification
- Patient portal user guide
- FHIR MedicationRequest/MedicationDispense profiles
Slice 4 — Full Platform (M4)
F — Functional
- PACS: imaging order → DICOM study → viewer → report (RAD-EPIC-01)
- Full billing: patient accounting + payment plans + statements
- Claims: generation → submission → denial tracking → appeals
- Population health: cohorts + registries + quality metrics + HMIS
- Immunizations: schedule management + catch-up + reporting
- Care plans: templates + goals + team coordination
- HL7v2: ADT/ORM/ORU/SIU adapters operational
- Full AI orchestrator: local ONNX + cloud inference
- GA readiness review passed
N — Non-functional
- DICOM image load < 3s for standard study
- Claims submission batch < 30s for 100 claims
- Population health dashboard < 5s for 10K patient cohort
- All services meeting L4 performance gates
A — AI readiness
- Local ONNX model inference functional offline
- Cloud AI for complex clinical analysis
- Population health AI insights operational
- AI immunization recommendations functional
O — Offline readiness
- All clinical workflows functional offline
- PACS viewer with cached DICOM images
- Claims queue offline
- Population health dashboards from cached data
S — Security
- Full pen-test completed and findings closed
- All services pass G8 security gate
- HIPAA/GDPR alignment audit completed
- SLA agreements in place
T — Multi-tenant
- All services fully multi-tenant at L4
- Per-tenant PACS storage configuration
- Per-tenant claims submission configuration
V — Observability
- All services have runbooks
- All SLOs dashboarded with alerts
- Incident response playbook documented
D — Documentation
- Complete API documentation for all 40+ services
- FHIR Implementation Guide published
- Operations manual for production deployment
- GA announcement materials prepared
Slice 5 — National Scale (M5)
F — Functional
- Multi-region data residency operational
- Mobile app: login → chart → push notification
- SMART on FHIR: third-party app integration
- FHIR Bulk Data: full tenant export
- National HMIS report generation
- Government pilot deployment operational
N — Non-functional
- Multi-region failover < 30s
- Mobile app launch < 3s
- Bulk export < 10 minutes for 100K patients
- 10x load test passing
A — AI readiness
- Predictive analytics operational
- AI-powered HMIS reporting
- Semantic search functional
O — Offline readiness
- Mobile offline support with background sync
- Multi-device sync with conflict UI
- Remote wipe functional (< 5 minutes)
- Offline bundle management (pin/unpin/clear)
S — Security
- Multi-region compliance verified
- Mobile security audit completed
- SMART on FHIR app sandboxing verified
T — Multi-tenant
- Region-aware tenant provisioning
- White-label theming per hierarchy node
- Per-tenant data residency configuration
V — Observability
- Multi-region observability consolidated
- Mobile analytics integrated
- National-scale performance monitoring
D — Documentation
- Multi-region deployment guide
- Mobile app user guide
- SMART on FHIR developer guide
- National HMIS integration guide