What it does: Runs AI agents (triage, orders, lab review, pharmacy, documentation) through a trust governance layer (VERITAS) for
clinical encounters. Every agent action is policy-gated (OPA Rego), FHIR R4-persisted, and cryptographically audited.
Key design decisions:
- Deny by default — agents cannot act without policy approval
- Human-in-the-loop gates enforced by policy, not UI convention
- FHIR R4 as the native data model (no proprietary schemas)
- Cryptographic audit chain (SHA-256, append-only)
- Pluggable LLM backend (Claude API / Ollama / mock)
Stack: Rust, axum 0.7, tokio, regorus (Rego), sqlx, reqwest, Next.js 15
Not trying to replace Epic — solving problems Epic architecturally can't solve with AI.
Demo: https://screen.studio/share/VjDVsjUG
VERITAS GitHub repo: https://github.com/Chesterguan/veritas