From Zero to HIPAA-Compliant Voice AI Platform in 4 Months

Situation:

A venture-backed digital health company relied on community health workers (CHWs), nurses, and social workers to engage Medicaid members. The primary bottleneck was outreach. Teams spent ~80% of their time making phone calls, limiting how many members they could support.

The company had no internal technical team or product function. I was brought in to lead data, infrastructure, and engineering, and to define the technical roadmap required to scale operations.

To grow beyond a services-based model, the company needed a HIPAA-compliant system capable of automating outreach and structuring member data for downstream care workflows.

Approach:

I designed and led the development of an automated outreach system centered around a Voice AI agent.

New members were added to a scheduling queue, where the agent would initiate outbound calls with access to relevant member data (demographics, contact info, health plan data).

The system was designed to:

• Collect structured information (consent, preferences, risk indicators, key concerns)

• Detect urgent or sensitive conditions requiring escalation

• Persist all data in a queryable format for downstream use

• Store call transcripts, summaries, and audio recordings

The platform was built on a HIPAA-compliant AWS architecture with secure networking and telephony integration.

In parallel, I led development of an internal operations interface that allowed teams to:

• Manage outreach queues and follow-ups

• Review member-level data and call history

• Access transcripts, summaries, and recordings

• Add notes and track engagement status

Results:

Within four months, we built and deployed a production-ready, HIPAA-compliant system with a team of three fractional engineers.

Key outcomes:

• Automated outbound calling with scheduling, retry logic, and preference handling

• Structured data capture from voice interactions, including risk assessment signals

• Full traceability via call transcripts and recordings

• Internal tooling that replaced manual tracking and fragmented workflows

The system was designed as a modular, serverless architecture, enabling:

• Horizontal scaling for high-volume outreach

• Isolated deployment and debugging of individual components

• Multi-tenant support for future expansion across organizations and campaigns

The platform was operational and ready to support high-volume outreach programs. Why it matters:

In healthcare services, outreach is often the primary operational bottleneck.

This system shifted outreach from a manual, time-intensive process to an automated, scalable workflow, freeing clinical staff for higher-value work instead of repetitive calls. It also established a compliant, extensible infrastructure for capturing structured patient engagement data, enabling future analytics, care coordination, and program optimization.

Even before full-scale deployment, the company had moved from a labor-constrained services model to a technology-enabled platform capable of growing outreach without linearly scaling headcount, and extending to external healthcare services teams.

__________________________________________________

In regulated environments, most of the work isn't visible in the demo. It's in the infrastructure, security, and compliance that make the system viable. That's where timelines and costs are usually won or lost. Getting to a production-ready foundation early is often what determines whether an AI initiative can work at all.