Clinician Oversight Platform for an FDA-cleared CPAP Product
“They understood the regulatory weight of what we were building before we had to explain it.”
- Client: Healthcare client (under NDA)
- Industry: Healthcare
- Duration: 6 months
- Outcome: Reduced clinician review time by 60% across 5,000+ patients.
The challenge
Our client had an FDA-cleared patient-facing CPAP companion app already in market. It collected nightly therapy data — usage hours, mask leak, AHI events — from thousands of patients across multiple sleep clinics. The data was flowing, but the people who needed it most could not see it.
Clinicians were logging into a device-manufacturer portal that listed raw records with no prioritisation. A respiratory therapist responsible for several hundred patients had no way to know which patients were failing therapy this week versus which were stable. Compliance reporting for insurers — a requirement for continued reimbursement — was assembled by hand in spreadsheets.
The brief was deceptively simple: give clinicians a way to oversee their patient population without compromising the regulatory posture of a cleared medical device.
Our approach
The first decision was architectural and regulatory at the same time. The existing patient app was Software as a Medical Device under IEC 62304. The new clinician platform needed to read its data without becoming, itself, a regulated change to the cleared device. We worked with the client's regulatory lead to define a clean boundary: the patient app remained the system of record; the oversight platform was a separate, read-derived system with its own risk classification.
That boundary shaped everything. We designed a one-way data pipeline, an explicit multi-tenant model — organisation, location, clinician, patient — and an audit trail that recorded every read of patient data, not just every write. In a regulated context, who looked at what, and when, matters as much as who changed it.
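The read path this design implies, as an added sketch in JavaScript (the language of the platform's Node.js API); it is not the client's or the project's code. The in-memory maps, the ids and the `readPatient`, `inScope` and `audit` names are constructed for illustration, and the rule that a clinician sees only patients at their own locations is an assumption about how the organisation, location, clinician, patient hierarchy is enforced.

```javascript
// Constructed sample data following the page's hierarchy:
// organisation -> location -> clinician -> patient. All ids are made up.
const clinicians = new Map([
  ["c-1", { org: "org-a", locations: ["loc-1"] }],
  ["c-2", { org: "org-b", locations: ["loc-9"] }],
]);
const patients = new Map([
  ["p-100", { org: "org-a", location: "loc-1", usageHours: 3.2, ahi: 9.4 }],
  ["p-200", { org: "org-a", location: "loc-2", usageHours: 6.8, ahi: 2.1 }],
]);

// Append-only in this sketch; entries are frozen so later code cannot edit them.
const auditLog = [];
function audit(entry) {
  auditLog.push(Object.freeze({ at: new Date().toISOString(), ...entry }));
}

// Assumed rule: same organisation AND one of the clinician's locations.
function inScope(clinician, patient) {
  return Boolean(clinician && patient &&
    clinician.org === patient.org &&
    clinician.locations.includes(patient.location));
}

// Single choke point for patient reads: the audit entry is written before
// anything is returned, so allowed and denied reads both leave a record.
function readPatient(clinicianId, patientId, purpose) {
  const patient = patients.get(patientId);
  const allowed = inScope(clinicians.get(clinicianId), patient);
  audit({ action: "read", clinicianId, patientId, purpose,
          outcome: allowed ? "allowed" : "denied" });
  // Unknown patient and out-of-tenant patient look identical to the caller.
  if (!allowed) return null;
  // Return a copy: the oversight side is read-derived and must not mutate
  // the record it was given.
  return { ...patient };
}
```

Denied reads are logged with the same fields as allowed ones, which is what lets a reviewer answer "who tried to look at what, and when" across tenant boundaries.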
What we built
A multi-tenant clinician web application with three pillars:
- Population dashboard. Every clinician lands on a triaged view: patients ranked by therapy risk, not alphabetically. Failing-therapy patients surface first, with the specific signal — low usage, high leak, rising AHI — called out.
- Patient timeline. A longitudinal view of a single patient's therapy with annotations, so a therapist can see the story, not just last night.
- Compliance reporting. One-click generation of insurer-ready adherence reports that previously took hours of spreadsheet work, with every figure traceable back to source records.
We added an AI assistant, grounded strictly in the patient's own record via a retrieval pipeline, that let clinicians ask plain-language questions ("how has adherence trended since the mask change?") and get cited answers. It never generated clinical advice — it summarised and pointed back to data, by design.
Technologies & stack
The stack was Next.js with a Node.js API and PostgreSQL with a strict tenant-isolation model, deployed on AWS with infrastructure as code and per-tenant data segregation. The AI layer used the Claude API with a retrieval pipeline scoped to a single patient's records per request, with every prompt and response logged for auditability.
Outcomes
- Clinician review time dropped by roughly 60% — measured against the old portal workflow across more than 5,000 patients.
- Compliance reporting moved from hours to minutes, with a full audit trail.
- Zero regulatory findings against the oversight platform in the client's subsequent internal audit, because the boundary held.
The system has since grown to additional clinic networks without architectural change — the multi-tenant model did its job.