The infrastructure that runs the operation.
Sherwood is our backbone. Mariann is the newest member of our clinical team. Both are proprietary, both are purpose-built for Medicaid screening workflows, and both are deployed and running today.
The clinical system of record.
Every screening we run passes through Sherwood. It identifies eligible members, runs clinical decision support against HEDIS and USPSTF rules, routes orders through physician sign-off, manages kit logistics, ingests results, coordinates follow-up, and documents every action in a HIPAA-compliant audit trail.
Sherwood
Sherwood was built from the ground up for the clinical workflow legacy EMRs never anticipated: home-based preventive screening for Medicaid populations, coordinated by a virtual clinical team. It is a clinical decision support engine, an order management system, a patient engagement platform, a care coordination tool, and a reporting system—unified under a single record and a single audit trail.
Clinical data retrieval
Carequality & CommonwellClinical history pulled from the same national networks Epic, Cerner, and athenahealth already participate in. No partner-side integration required.
Decision support
HEDIS · USPSTF · UDSRule-based CDS algorithms implementing published measure specifications directly in code. Fully interpretable. Immediately auditable.
Order workflow
Eight-stage state machineEvery order moves through defined states from initial outreach to physician sign-off to kit shipment to result review to closure. No state skipped. No order lost.
Physician sign-off
Every order signedNo kit ships without licensed-physician review. Medical director reviews pre-screening responses and clinical history, with a 48-hour review window.
Kit logistics
Lab partner integrationFIT, HbA1c, and ACR orders generated in our lab partners' required formats. Shipment tracking, result ingestion, and deduplication handled automatically.
Partner reporting
EHR write-back · HEDIS · UDSCompleted screenings document back to partner systems as structured chart notes, enabling direct measure credit without reconciliation.
Our AI-powered nursing assistant.
Mariann is the newest member of our clinical team. She runs member outreach on a clinically validated cadence, verifies identity, collects pre-screening history, answers questions at fifth-grade reading level, and schedules follow-up appointments. Bilingual. Clinician-supervised. Every conversation auditable.
Mariann
Mariann is built on Anthropic's Claude with clinical guardrails designed specifically for the home-based screening workflow. She never diagnoses a condition, never prescribes a medication, and never makes an autonomous clinical decision. Emergency keywords bypass her entirely for immediate 988 or 911 referral. Every conversation is logged and reviewable by the medical director through an AI oversight dashboard.
What she does
Outreach and engagementInitial outreach, DOB-based identity verification, pre-screening clinical questions, kit usage instructions, appointment scheduling, and satisfaction surveys.
What she will not do
No diagnosis, no RxAll clinical opinions, interpretations, and treatment recommendations are redirected to the human clinical team. Clinical decisions require physician sign-off.
Channels
SMS · TCPA-compliantSMS as primary channel, with TCPA-compliant opt-in and opt-out handling. Chosen over portal or app because it reaches Medicaid members who have phones but not smartphones.
Languages
English · Spanish nativeEvery workflow, every prompt, every escalation path available in both languages. Member preference persists from first response forward.
Safety architecture
988 / 911 bypass · sensitive info blockingEmergency keywords intercepted before AI processing. SSN, credit card, and password patterns blocked inbound. Every escalation routes to a human.
Oversight
Full conversation auditEvery conversation logged and reviewable by the medical director. Flagged conversations surface in a dedicated oversight dashboard for clinical review.
Built on a HIPAA-compliant foundation.
Everything Sherwood and Mariann do sits on a SOC 2 Type II certified hosting platform, runs under signed BAAs with every data processor, and documents every protected health information access in an immutable audit trail.
Hosting
SOC 2 Type IIDeployed on a SOC 2 Type II certified, HIPAA-compliant hosting platform purpose-built for healthcare applications.
Encryption
AES-256 · TLS 1.2+All PHI encrypted at rest using AES-256. All data in transit encrypted via TLS 1.2 or higher.
Data processing
BAAs with every vendorBusiness Associate Agreements executed with every data processor in the stack. No PHI touches a system without coverage.
Access control
Role-based · pod-isolatedSix defined clinical roles with granular permissions. Per-partner data pods ensure clinical staff see only the members they are assigned.
Audit trail
Retained · reviewableEvery access to PHI logged with user identity, action, resource, IP address, and timestamp. Retained per HIPAA requirements and available on request.
Authentication
Fail-closed · rate-limitedAuthorization middleware fails closed on error rather than passing through. DOB verification endpoints rate-limited to prevent brute-force attacks.
Built on healthcare-first infrastructure.
Every vendor in the stack is either SOC 2 certified, HIPAA-compliant by design, or both. The systems Sherwood and Mariann sit on top of are the same systems trusted by major clinical operations at scale.
Built. Deployed. Running today.
Sherwood and Mariann are not a product roadmap. They are an operational system that handles live clinical workflows every day. End-to-end technical validation has been completed; the platform is preparing for initial pilot deployment with partner FQHCs.
Want the technical walk-through?
A 45-minute platform briefing covers architecture, security posture, clinical workflow, AI oversight model, and integration pathways for partner reporting.
Request a platform briefing