โ–ฒ Cloud Run connectingโ€ฆ </> source ▶ Storyboard view repo ↗
๐Ÿฅ HEALTHCARE DATA PLATFORM โ€” L1 CONTROL ROOM
Can humans + AI trust hospital data today?
PROD  |  Updated 08:02 AM
๐ŸŸข SYSTEM STATUS โ€” SHOULD WE PANIC TODAY?
No โ€” all systems operational. ๐ŸŽ‰
No fake patients
No broken feeds
No critical quality failures
Charts are safe to read. Data is safe to feed agents.
โค๏ธ Can we trust the chart?
QC passed?99.2%
Missing keys?0.04%
Duplicate visits?0.00%
Fake patients?none
[Open B2]
โฐ Is the data fresh?
Latest ingest08:01
Data delay2m
Stale alertON
SLA met99.1%
[Open B4]
๐Ÿ”ง Is it alive?
Uptime99.94%
Jobs OK99.1%
MTTR38m
Silent fails0
[Open B4]
๐Ÿ“‹ Can people use this?
Star schemaPASS
ContractsPASS
Query martsYES
[Open B3][Open B5]
๐Ÿ›ก Will compliance yell?
PII scanPASS
Audit lineageON
HIPAA taggingPASS
[Open B2][Open B6]
๐Ÿค– Is it agent-ready?
Marts agent-allowed4 / 5
PII-safe viewsON
Contract coverage100%
Agent freshness SLAmet
[Open B2][Open B5]
๐Ÿšจ IF SOMETHING TURNS RED
Trust issueโ†’ Open B2
Modeling issueโ†’ Open B3
Pipeline issueโ†’ Open B4
Warehouse issueโ†’ Open B5
Agent-readiness issueโ†’ Open B5
Architectureโ†’ Open B6
traces to: /api/control-room 200 dashboard_spec.yml data/quality/l1_checkpoint_report.json
โค๏ธ TRUST INVESTIGATION ROOM
Can we trust the patient and visit numbers?
PROD  |  Updated 08:02 AM
๐Ÿ˜Œ CURRENT STATUS
Mostly healthy โ€” 1 issue needs attention (NOT patient-facing yet)
No fake patients detected
โค๏ธ TRUST VITALS (value + inline benchmark)
1.๐Ÿงช QC passed?99.2% (good โ‰ฅ95 | strong โ‰ฅ99)
Open dbt testsOpen run_results.jsonOpen Job Log
2.๐Ÿ‘ Missing key fields?0.04% (good <1 | strong <0.1)
Open null offenders queryShow sample rowsOpen Lineage
3.๐Ÿ‘ฏ Duplicate visits?0.00% (good <1 | strong =0)
Open duplicate keys queryShow validation
4.๐Ÿง‘ Fake patients?100.0% (good โ‰ฅ99 | strong =100)
Open orphan records queryOpen relationship testOpen upstream job
5.๐Ÿ•ต Can we trace every number?94% (good โ‰ฅ90 | strong โ‰ฅ95)
Open manifest.jsonOpen lineage gapsOpen model owners
6.๐Ÿงฎ Do systems agree?99.94% (good โ‰ฅ99 | strong โ‰ฅ99.9)
Open recon queryOpen KPI definitionsOpen decision log
๐Ÿ“‘ EVIDENCE (PROOF) โ€” show me receipts (direct clicks to bad files)
visit โ†’ patient relationship97.8% (expected =100)
direct proof clicks:
blast radar
  • impacts: Patient Count KPI, ER Census, RAG Patient Lookup
  • scope: clinical marts only
  • patient-facing dashboards: NOT impacted (yet)
MRN null spike0.12% (strong <0.10)
direct proof clicks:
blast radar
  • impacts: reporting only (for now)
  • risk: if it grows โ†’ becomes patient-identity risk
duplicate visit_id0.00% (required =0)
proof: Show Validation
blast radar
  • none
๐Ÿš‘ TRIAGE โ€” what do we do + who owns it
Broken visit โ†’ patient join
owner: Data Platform (on-call)  |  ETA: < 1h  |  action: Page on-call
runbook: Open runbookOpen rollback planOpen incident thread
MRN null spike
owner: Analytics Engineering  |  ETA: next sprint  |  action: Create ticket
paper trail: Open ticketOpen data contractOpen upstream owner
๐Ÿ›Ÿ AUTO-MITIGATIONS โ€” what we already auto healed so humans don't panic
โœ…Retried failed dbt job (success)Open retry logs
โœ…Refreshed affected martsOpen refresh job
โœ…Switched dashboards to last-known-good snapshotOpen snapshot IDOpen diff
โœ…Added warning banner (degraded mode)Open dashboard link
โœ…Notified ownerOpen incident thread
๐Ÿค– Auto-remediation coverage50%
โœ… Machines stabilized the symptoms โ€” dashboards stayed up, no bad data shipped.
โณ The other 50% needs a human: the KPI definition call below. ๐Ÿ‘‡
๐Ÿค GOOD LUCK HUMAN โ€” HITL your turn now
๐Ÿ’ฐ Finance visits: 1,024  vs  ๐Ÿงพ Billing visits: 1,011 โš ๏ธ
๐Ÿค– Machine verdict: both valid ๐Ÿ˜ต (definition fight, not a data bug)
โณ What happens if you ignore this:
  • ๐Ÿ“ค Finance ships "1,024" to execs
  • ๐Ÿ“ค Billing ships "1,011" to Ops
  • ๐Ÿ“Š BI publishes both (by accident)
  • ๐Ÿ“ธ Someone screenshots the mismatch in Slack
  • ๐ŸŽ‰ Congratulations: you just scheduled a 90-minute "who's lying" meeting
๐ŸฅŠ Who fights who:
  • ๐Ÿ’ฐ Finance Lead: "Visits = posted revenue events"
  • ๐Ÿงพ Billing Lead: "Visits = billable encounters"
  • ๐Ÿ“Š Data Lead: "Please stop redefining reality in Google Sheets"
  • โš–๏ธ Compliance (walks in late): "Which one is in the audit report?"
๐Ÿ“ก blast radar:
  • ๐ŸŽฏ Patient Count KPI (exec dashboard)
  • ๐Ÿฅ ER Census (ops)
  • ๐Ÿ” Downstream RAG "patient lookup" confidence (counts stop matching)
๐Ÿ›  Fix it in 3 moves โ€” each step has a button
1
๐Ÿ† Pick the winning definition (or publish both, clearly labelled, like civilized people)
โš–๏ธ Compare both definitions๐Ÿ“Š Open recon query
2
๐Ÿ“œ Write it down as a KPI contract (one paragraph, not a novel)
โœ๏ธ Open contract draft๐Ÿ“– Open KPI definitions
3
๐Ÿ”’ Enforce it in dbt (tests + semantic layer) so this argument can't respawn next week
๐Ÿงฌ Open dbt model๐Ÿ“ Open semantic metric
๐Ÿ‘‰ Decision owner: Data Lead  ยท  ๐Ÿ‘ค Assign owner๐Ÿ“ Open decision log๐Ÿ’ฌ Start Slack thread
traces to: /api/trust-room 200 trust_metrics_spec.yml evidence_links.md
๐Ÿ›’ B3 DATA MARKETPLACE โ€” Mart Catalog + dbt Lineage
Can humans + AI pick the right dataset without join hell?
dbt + SQL ยท Gold Layer ยท BI / AI ready
๐Ÿ›’ MART CATALOG โ€” ready-to-query data products
๐Ÿ“ฆ mart_er_triage
ER ops / census / triage
Grain1 row = 1 ER visit
ConsumersBI + AI + Ops
โœ… precomputedโœ… prejoinedโœ… precleanedโœ… preaggregated
SELECT * FROM mart_er_triage;
๐Ÿ“ฆ mart_patient_summary
patient lookup / repeat visits
Grain1 row = 1 patient
ConsumersBI + AI
โœ… precomputedโœ… prejoinedโœ… precleanedโœ… preaggregated
SELECT * FROM mart_patient_summary;
๐Ÿ“ฆ mart_claims_summary
billing / recon
Grain1 row = 1 claim
ConsumersFin + Ops
โœ… precomputedโœ… prejoinedโœ… precleanedโœ… preaggregated
SELECT * FROM mart_claims_summary;
๐Ÿงฌ LINEAGE PREVIEW โ€” where mart_er_triage comes from
raw_ehr_visit
โ–ผ
stg_visit
โ–ผ
fct_patient_encounters
โ–ผ
mart_er_triage
consumed byโ–ผ
๐Ÿ“Š Executive Dashboard
๐Ÿค– AI Retrieval
Open dbt lineageOpen model_map.mdOpen sample_queries.sql
๐Ÿ“œ CONTRACT SNAPSHOT โ€” do we agree what the mart means?
visit = completed care encounterPASS
ER census = active ER encounters in reporting windowPASS
patient = unique human receiving carePASS
claim = billable / reimbursable eventPASS
๐Ÿ’ก Main message: precomputed + prejoined + precleaned + preaggregated so humans can SELECT * FROM mart_ instead of writing join hell.
traces to: mart_catalog_ascii.md lineage_ascii.md sample_queries.sql
๐Ÿ”„ B4 PIPELINE OPERATIONS DAG
What runs first? What depends on what? What breaks downstream?
tech: Airflow + Python + dbt + GitHub Actions
1data/raw/
source healthcare data
โ–ผ
2ingest_raw.py
validate / load raw
โ–ผ
3identity_resolver.py
patient_identity_map.json
4provider_cleaning.py
provider reference data
both must finishโ–ผ
5dbt build
bronze โ†’ silver โ†’ gold
โ–ผ
6dbt tests
not_null / unique
7schema checks
contracts valid
8recon checks
finance vs billing
all must passโ–ผ
9quality_gate.py
PASS โ†’ publish
FAIL โ†’ block + alert
โ–ผ
10mart_patient
precomputed mart
11mart_visit
prejoined mart
12mart_claims
finance mart
marts published togetherโ–ผ
13api_refresh
FastAPI / OpenAPI
portfolio/ = consumers only, not pipelineโ–ผ
14B1 dashboard
executive cockpit
15B2 trust view
quality cockpit
16AI consumers
RAG / agents
๐Ÿ”— DEPENDENCY RULES
1 โ†’ 22 โ†’ 3, 43, 4 โ†’ 55 โ†’ 6, 7, 8 6, 7, 8 โ†’ 99 โ†’ 10, 11, 1210, 11, 12 โ†’ 1313 โ†’ 14, 15, 16
๐Ÿ’ฅ BLAST RADIUS EXAMPLES
If (3) identity_resolver.py fails:
patient_identity_map.json fails
โ†“ dbt build may still run, but trust quality drops
โ†“ B2 Trust Dashboard turns yellow / red
If (6) dbt tests fail:
quality_gate.py blocks publish
โ†“ marts do not refresh
โ†“ API / dashboard serve last-known-good snapshot
If (9) quality_gate.py fails:
mart_patient / mart_visit / mart_claims blocked
โ†“ B1 Executive Dashboard shows degraded mode
โ†“ AI consumers do not receive bad data
โœ… WHAT B4 PROVES

๐Ÿ•’ Freshness

data arrives + refreshes on schedule

๐Ÿ” Reliability

tasks run in dependency order

๐Ÿงฏ Recovery

failed jobs retry, or block publish safely

๐Ÿ’ฅ Blast radius

you know exactly what breaks downstream
traces to: dag_ascii.md runbook.md
๐Ÿญ B5 WAREHOUSE EXPLORER
Do the tables exist โ€” and are they modelled so every join is safe?
dataset: healthcare_dw ยท BigQuery (dbt core models)
Real tables โ†’ modelled as a star schema โ†’ integrity enforced by dbt tests โ†’ every number traces back to SQL.
๐Ÿฉบ WAREHOUSE AT A GLANCE
1 dataset
11 tables
8 gold models
0 views
last refresh 12:51
health Healthy ๐ŸŸข
497 encounters
โญ THE STAR SCHEMA โ€” 7 conformed dimensions โ†’ 1 fact
dim_patient
dim_doctor
dim_hospital
dim_diagnosis
dim_insurance
dim_medication
dim_date
7 FK relationships โ†’ 1 factโ–ผ
โญ fact_patient_encounters
1 row = 1 encounter ยท 7 surrogate FKs + 8 measures
๐Ÿฅ‰๐Ÿฅˆ๐Ÿฅ‡ MEDALLION PATH โ€” where the star comes from
๐Ÿฅ‰ raw/healthcare_dataset.csv
โ–ผ
๐Ÿฅˆ stg_healthcare
โ–ผ
int_encounters_enriched
int_readmissions
โ–ผ
๐Ÿฅ‡ gold star schema
8 models
๐Ÿ”’ INTEGRITY ENFORCED โ€” dbt tests that gate every build
โœ…encounter_id โ€” not_null + unique โ†’ no duplicate or ghost encounters
โœ…7 FK relationships (patient/doctor/hospital/diagnosis/insurance/medication/date keys) โ†’ joins can't silently drop rows
โœ…accepted_values on is_emergency / is_readmission [0,1] โ†’ clinical flags can't go dirty
๐Ÿงช These run on dbt test and gate dbt build. Honest scope: row-shape integrity (the cheap tests that stop silent FK drops) โ€” not semantic clinical validation.
๐Ÿ”Ž PROOF QUERY โ€” verified against the real dbt model
SELECT medical_condition, COUNT(*) AS encounters FROM fact_patient_encounters GROUP BY 1 ORDER BY encounters DESC;
๐ŸŸข Open SQL๐Ÿ“ˆ Open Lineage๐Ÿ‘ Preview Data
๐Ÿ“ 497 encounters (synthetic dataset). The star schema + enforced FKs are the skill โ€” they hold the same at 497 rows or 497M. Row count isn't the flex; the modelling is.
traces to: /api/warehouse-room 200 dbt-project/models/marts/core/ warehouse_room_payload.json
๐Ÿ— B6 SYSTEM ARCHITECTURE
How does the whole machine connect? (the 10-second version)
๐Ÿ“ฅ Sources
EHR ยท claims ยท providers
โ–ผ
โš™๏ธ dbt โ†’ ๐Ÿญ BigQuery
transform + test โ†’ trusted marts
โ–ผ
๐Ÿ”Œ API on Cloud Run
serves the room payloads
โ–ผ
๐Ÿ‘ Humans
B1 / B2 cockpit
๐Ÿค– Agents
RAG ยท agent-allowed only
๐Ÿ”Œ API surface โ€” what Cloud Run serves
/api/control-room/api/trust-room/api/warehouse-room/api/retrieve/api/ask
๐Ÿค– L2 grounded agent โ€” answers grounded on trusted marts, every claim cites [doc N]
BM25 retrieves top-K from the redacted enriched corpus โ†’ Gemini answers only from that evidence. No raw PII indexed.
[Ask grounded agent โ†’]
โ–ฒ Why Cloud Run: stateless API, scales to zero when idle, one container, deploys from the same repo CI already guards.
traces to: architecture.mmd dependency_map.mmd