Patient Graph
The Patient Graph is Loop Health’s unified clinical data system. It serves as the single source of truth for all patient health data — profiles, lab results, protocols, events, treatments, prescriptions, and wearable data.
Purpose
The Patient Graph solves the problem of fragmented health data by providing:
- Unified Data Model — All patient health data in one schema with consistent access patterns
- RBAC Security — Role-based access control with row-level ownership checks
- Complete Audit Trail — Every data access is logged for HIPAA compliance
- Identity Resolution — Cross-system identity mapping (Clerk, Rimo, BigCommerce)
- Clinical API — RESTful Hono API with Zod validation and consistent response formats
Architecture
The Patient Graph consists of three layers:
1. API Layer (apps/patient-graph)
A standalone Hono HTTP API deployed on Fly.io. Handles authentication (Clerk JWT), RBAC, rate limiting, and audit logging.
2. Data Access Layer (packages/patient-graph)
Drizzle ORM repositories for type-safe database operations. Provides createRepositories() for profiles, labs, protocols, events, and more.
3. Schema Layer (packages/shared)
Drizzle schema definitions and Zod validation schemas shared across all consumers. Defines tables, enums, and validation rules.
Key Features
| Feature | Description |
|---|---|
| Profiles | Patient demographics, conditions, medications, subscription tier |
| Lab Results | Parsed biomarker data from lab report PDFs |
| Protocols | Treatment protocols with compounds, dosages, and schedules |
| Events | Clinical timeline (lab uploads, protocol changes, check-ins) |
| Treatments | Rimo Health treatment lifecycle tracking |
| Prescriptions | Prescription fulfillment from Rimo pharmacy |
| Conversation History | Cross-channel AI conversation logs |
| Wearable Data | Oura, Whoop, Dexcom, Libre metrics |
| Audit Logs | RBAC access logs for compliance |
Consumers
| Consumer | Access Method |
|---|---|
| Luna AI | Direct repository access via @loop/patient-graph package |
| Consumer App | HTTP client via @loop/patient-graph-client |
| Admin Dashboard | Proxied API calls through admin app |
| Trigger.dev Jobs | Direct repository access |
Quick Links
- Data Model — Tables, columns, enums, and relationships
- API Endpoints — Full API reference with curl examples
- RBAC & Permissions — Role-based access control system
- Audit Logging — Compliance audit trail
- Repositories — Data access layer documentation
- Identity Resolution — Cross-system identity mapping