MedMinder Pro - Medication Adherence Coach

Model: z-ai/glm-4.7
Status: Completed
Cost: $0.231
Tokens: 153,860
Started: 2026-01-05 14:38

Section 03: Technical Feasibility & AI/Low-Code Architecture

Project: MedMinder Pro - Medication Adherence Coach

1. Technical Achievability Score

8/10 Highly Feasible

Justification: The core technology stack (React Native + Supabase + OpenAI) is mature and widely supported. Building reminder logic and mobile interfaces is standard engineering. The primary complexity lies in the Intervention Engine and Pharmacy Integration. However, modern LLM APIs (GPT-4) drastically reduce the effort required for natural language processing and root cause analysis compared to building custom NLP models. The "low-code" philosophy is achievable by leveraging managed backend services (Supabase) rather than provisioning raw infrastructure. The main barrier is not technical impossibility, but rather data access (Surescripts) and strict HIPAA compliance requirements.

Gap Analysis (Score < 10)

  • Pharmacy Data Access: Surescripts integration requires complex certification and B2B partnerships, not just API keys.
  • Medical Liability: AI "diagnosis" of side effects requires rigorous guardrails to avoid FDA classification as a medical device.

Recommendations

  1. MVP Data Strategy: Launch with manual entry + open drug databases (FDA/RxNorm) before pursuing live pharmacy integrations.
  2. AI Guardrails: Implement strict system prompts and output validation to ensure AI acts as a coach, not a doctor.
  3. HIPAA Early: Select cloud providers (Supabase, Vercel) who sign BAAs immediately to avoid re-architecting later.

2. Recommended Technology Stack

Layer | Technology | Rationale
Frontend (Mobile) | React Native (Expo) + NativeWind | Cross-platform efficiency (iOS/Android). Expo manages build complexity. NativeWind allows Tailwind CSS for UI, speeding up development.
Frontend (Web) | Next.js + shadcn/ui | Required for the Caregiver Dashboard and B2B admin portals. Next.js offers SEO and server-side rendering capabilities.
Backend / DB | Supabase (PostgreSQL) | Provides Auth, Database (Postgres), and Real-time subscriptions in one. HIPAA compliant (BAA available). Replaces custom Node.js backend for CRUD.
AI / ML Layer | OpenAI GPT-4o + Vercel AI SDK | GPT-4o handles reasoning for root cause analysis. Vercel AI SDK simplifies streaming responses and prompt management.
Infrastructure | Expo EAS (Mobile) + Vercel (Web) | Managed hosting environments. EAS handles iOS/Android builds and over-the-air updates. Vercel handles web deployment seamlessly.
Dev / Ops | GitHub + Sentry + Linear | Standard version control. Sentry for crash reporting (critical for health apps). Linear for issue tracking.

3. System Architecture Diagram

Mobile App (Expo/React Native): Patient UI, Reminders, Camera
Web Dashboard (Next.js): Caregiver View, Analytics
    ↓ ↓ (HTTPS / REST / WebSocket)
API Gateway & Logic Layer:
  • Supabase Auth
  • Row Level Security
  • Edge Functions (Node.js)
  • Push Notifications (OneSignal)
    ↓ (Read/Write)
    ↓ (API Calls)
Primary Database (PostgreSQL): Users, Meds, Schedules, Logs
AI Engine (OpenAI): Root Cause Analysis, Intervention Gen
External APIs: Drug DB (RxNorm), Surescripts

4. Feature Implementation Complexity

Feature | Complexity | Effort | Dependencies | Notes
User Authentication (HIPAA) | Low | 2 days | Supabase Auth | Enable MFA for security.
Smart Reminder Engine | Medium | 5 days | Local Notifications, Supabase | Requires scheduling logic & timezone handling.
Photo Verification | Medium | 4 days | Expo Camera, Cloudinary | Upload to encrypted storage. CV analysis optional.
Root Cause AI (NLP) | Medium | 5 days | OpenAI API, Vercel AI SDK | Prompt engineering critical for categorizing barriers.
Intervention Engine | High | 8 days | GoodRx API, AI Logic | Complex logic mapping barriers to specific actions.
Caregiver Dashboard | Medium | 7 days | Next.js, Supabase Realtime | Real-time alerts via WebSockets.
Pharmacy Integration | High | 14+ days | Surescripts, External Partners | Deferred to Phase 2. Use manual entry for MVP.

5. AI/ML Implementation Strategy

AI Use Cases

  • NLP Classification: Analyze "Snooze Reasons" (text input) → Categorize into Side Effects, Cost, Forgetfulness, etc. → Structured JSON tag.
  • Generative Content: Generate Doctor Talking Points → Context from user history → Empathetic, actionable conversation scripts.
  • Predictive Logic: Predict Adherence Risk → Analyze missed dose patterns + time of day → Flag "At Risk" users to dashboard.

Model Selection & Quality

Primary: OpenAI GPT-4o-mini (Cost/Speed balance).

Fallback: GPT-3.5-Turbo if latency is critical.

Fine-Tuning: Not needed initially. Use few-shot prompting in system instructions.


Risk Control: Use JSON Mode to prevent hallucinations. All outputs must include a disclaimer: "I am an AI, consult a doctor."

Cost Management

Est. Cost: ~$0.05 - $0.15 per active user/month (based on 5-10 AI interactions/week).

Optimization: Cache common drug interactions and intervention text. Do not call LLM for static data.

Budget Threshold: Alert if AI costs > 15% of MRR.

6. Data Requirements & Strategy

Data Sources & Schema

  • User Input: Med names, dosages, photos of pills.
  • External APIs: RxNorm (for drug standardization), GoodRx (pricing).
  • Core Tables:
    Users (Profile, Settings)
    Medications (Name, Dosage, RxNorm_ID)
    Schedules (Time, Frequency)
    AdherenceLogs (Taken/Snoozed/Missed, Timestamp, AI_Analysis)

Storage & Privacy

  • Storage: PostgreSQL (Supabase) for structured data. Encrypted S3 for pill photos.
  • PII Handling: Names and emails are encrypted at rest. HIPAA compliance required.
  • Retention: Logs retained for 2 years (standard clinical timeline). Data export available on request.
  • Right to be Forgotten: Hard delete API endpoint for account closure.

7. Third-Party Integrations

Service | Purpose | Complexity | Cost | Criticality
Supabase | Backend-as-a-Service (DB, Auth, Storage) | Low | Free tier → $25/mo | Must-have
OpenAI | Root cause analysis & content generation | Simple API | Pay per usage (~$0.15/user) | Must-have
OneSignal | Push Notifications (Mobile & Web) | Medium | Free tier → $99/mo | Must-have
RxNorm API (NIH) | Drug nomenclature & interaction database | Medium | Free | Must-have
Stripe | Subscription payments (B2C) | Medium | 2.9% + 30¢ | Nice-to-have (Phase 2)
Apple HealthKit | Sync meds data to native health app | High | Free | Nice-to-have

8. Scalability Analysis

Performance Targets

  • Load Time: App start < 2s
  • API Response: < 500ms (CRUD)
  • AI Gen: < 5s (Streamed)
  • Concurrent Users: 1k (MVP) → 100k (Yr 3)

Bottlenecks

  • AI Latency: OpenAI tokens/sec limit.
  • Notification Queues: Morning "pill rush" (8-9 AM).
  • Image Storage: Photo verification uploads.

Scaling Strategy

  • DB: Supabase handles auto-scaling Postgres.
  • Caching: Redis for drug data (static).
  • Jobs: Supabase Edge Functions for async notifications.

9. Security & Privacy Considerations

HIPAA compliance is mandatory. All vendors (Supabase, Vercel, OpenAI) must sign a BAA (Business Associate Agreement).

Data Protection

Encryption: AES-256 for data at rest (Supabase default). TLS 1.2+ for data in transit.
Auth: JWT-based auth via Supabase. Session tokens expire every 1 hour.
PII: Minimize data collection. Do not store SSNs or full insurance card numbers if possible.

API & Access

Row Level Security (RLS): Enforced at DB level. Patients can only see their own data; Caregivers only see linked data.
Input Sanitization: Strict validation on all drug names to prevent SQL injection.
Rate Limiting: Prevent API abuse (DDoS) via Vercel/Supabase middleware.

10. Technology Risks & Mitigations

Pharmacy API Access Failure

🔴 High Severity

Surescripts or similar network APIs may deny access to a startup without established partnerships, breaking the "automatic refill" feature.

Mitigation:

Build the MVP using manual medication entry and open drug databases (RxNorm). Pivot the value proposition to "Smart Coaching" rather than "Auto-refills" initially. Pursue partnerships with specific independent pharmacies (easier than national chains) for pilot programs.

AI Hallucinations (Medical Advice)

🟡 Medium Severity

The AI might suggest a dangerous interaction or incorrectly advise stopping a medication, leading to liability and user harm.

Mitigation:

Use OpenAI's JSON Mode to constrain outputs to pre-defined categories (e.g., "Consult Doctor", "Take with Food"). Never allow the AI to generate dosage instructions. Add clear UI disclaimers that the app is not a substitute for professional medical advice.
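
The output validation recommended above and in Sections 1 and 5, as an added example that is not part of the original report: JSON Mode only guarantees syntactically valid JSON, so the reply is still checked against an allow-list and rejected if it carries dosing text. The field names (barrier, action, note), the "other" category and the regex heuristics are assumptions.

```typescript
// Added example, not from the report. Category and action names follow the
// report; the JSON field names and the "other" fallback are assumptions.
const BARRIERS = ["side_effects", "cost", "forgetfulness", "other"] as const;
const ACTIONS = ["consult_doctor", "take_with_food"] as const;
type Barrier = (typeof BARRIERS)[number];
type Action = (typeof ACTIONS)[number];
interface CoachReply { barrier: Barrier; action: Action; note: string; disclaimer: string }
interface Verdict { ok: boolean; reason: string; reply: CoachReply }

const DISCLAIMER = "I am an AI, consult a doctor.";
const FALLBACK: CoachReply = { barrier: "other", action: "consult_doctor", note: "", disclaimer: DISCLAIMER };

// Heuristics for text the model must never produce: a quantity with a dose
// unit, or a regimen-changing verb followed by a dosing noun.
const DOSE_QUANTITY = /\b\d+(\.\d+)?\s*(mg|mcg|ml|iu|units?|tablets?|pills?|capsules?)\b/i;
const REGIMEN_CHANGE = /\b(stop|skip|double|halve|increase|decrease|reduce)\b[^.]*\b(dose|dosage|medication|taking)\b/i;

function isOneOf<T extends string>(list: readonly T[], v: unknown): v is T {
  return typeof v === "string" && (list as readonly string[]).indexOf(v) !== -1;
}

function reject(reason: string): Verdict {
  return { ok: false, reason, reply: FALLBACK }; // fail closed to a safe reply
}

// Validate the raw string returned by the model before anything is displayed.
function validateCoachReply(raw: string): Verdict {
  let parsed: unknown;
  try { parsed = JSON.parse(raw); } catch { return reject("not valid JSON"); }
  if (typeof parsed !== "object" || parsed === null || Array.isArray(parsed)) return reject("not a JSON object");
  const obj = parsed as Record<string, unknown>;
  const extra = Object.keys(obj).filter((k) => ["barrier", "action", "note"].indexOf(k) === -1);
  if (extra.length > 0) return reject("unexpected field: " + extra[0]);
  const barrier = obj.barrier;
  const action = obj.action;
  if (!isOneOf(BARRIERS, barrier)) return reject("barrier not in allow-list");
  if (!isOneOf(ACTIONS, action)) return reject("action not in allow-list");
  const note = obj.note === undefined ? "" : obj.note;
  if (typeof note !== "string" || note.length > 280) return reject("note is not a short string");
  if (DOSE_QUANTITY.test(note) || REGIMEN_CHANGE.test(note)) return reject("note contains dosing instruction");
  return { ok: true, reason: "", reply: { barrier, action, note, disclaimer: DISCLAIMER } };
}
```

Log the rejection reason server-side without the note text, so rejected model output does not end up in application logs.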

HIPAA Compliance Breach

🟡 Medium Severity

Misconfigured cloud storage or logs leaking PII could result in massive fines and loss of B2B contracts.

Mitigation:

Conduct a third-party security audit before launch. Ensure logging services (Sentry) strip PII before sending data. Use environment variables for all secrets.
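
One way to strip PII before an error event leaves the app, as an added example that is not part of the original report: a recursive scrubber that can be passed to Sentry as its beforeSend hook. The sensitive-key list and the sample event are constructed for this schema and are assumptions.

```typescript
// Added example, not from the report. Keys are matched case-insensitively;
// the list is an assumption based on the report's tables (Users, Medications,
// AdherenceLogs) plus common credential-bearing headers.
const SENSITIVE_KEYS = /^(name|full_?name|email|phone|dob|address|medication|med_?name|dosage|rxnorm_?id|ai_?analysis|snooze_?reason|authorization|cookie|token|password)$/i;
const EMAIL = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g;
const REDACTED = "[redacted]";

// Returns a scrubbed deep copy; the input object is never mutated.
function scrub(value: unknown, depth: number = 0): unknown {
  if (depth > 8) return REDACTED; // fail closed on very deep structures
  if (typeof value === "string") return value.replace(EMAIL, REDACTED);
  if (Array.isArray(value)) return value.map((v) => scrub(v, depth + 1));
  if (typeof value === "object" && value !== null) {
    const src = value as Record<string, unknown>;
    const out: Record<string, unknown> = {};
    for (const key of Object.keys(src)) {
      // Redact by key first, so non-string values under a sensitive key go too.
      out[key] = SENSITIVE_KEYS.test(key) ? REDACTED : scrub(src[key], depth + 1);
    }
    return out;
  }
  return value; // numbers, booleans, null and undefined pass through
}

// Constructed sample event, shaped loosely like a crash report.
const SAMPLE_EVENT = {
  message: "Reminder failed for jane.doe@example.com",
  user: { id: "u_123", email: "jane.doe@example.com" },
  extra: { medication: "Metformin", dosage: "500 mg", attempt: 2 },
  breadcrumbs: [{ category: "http", data: { url: "/schedules", Authorization: "Bearer abc" } }],
};

// Wiring (comment only, so the block runs without the SDK installed):
//   Sentry.init({ dsn: "<placeholder>", beforeSend: (event) => scrub(event) as typeof event });
```

Free-text fields such as snooze reasons can contain health details that no pattern will catch, so the safer default is to keep them out of error context entirely rather than rely on the scrubber.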

11. Development Timeline & Milestones

Phase 1: Foundation (Weeks 1-2)
  • Repo setup (Expo + Supabase)
  • Auth flow implementation
  • DB Schema (Users/Meds)
  • Basic UI Shell
  Deliverable: Login + Empty Dashboard

Phase 2: Core (Weeks 3-6)
  • Medication CRUD & Scheduling
  • Local Notifications (Reminders)
  • Check-in/Snooze Logic
  • OpenAI Integration (Root Cause)
  Deliverable: Functional MVP

Phase 3: Polish (Weeks 7-8)
  • Web Dashboard (Caregiver)
  • Intervention Engine UI
  • Edge case handling
  • UI/UX Refinement
  Deliverable: Beta-Ready Product

Phase 4: Launch (Weeks 9-10)
  • Security Hardening
  • Performance Tuning
  • App Store Submission
  • Analytics (PostHog) Setup
  Deliverable: Production v1.0

12. Required Skills & Team Composition

Solo Founder Feasibility: Possible

A solo technical founder can build the MVP using the managed stack recommended (Expo + Supabase). This removes the need for a dedicated DevOps engineer or Backend specialist. The primary bottleneck will be UI design speed.

Core Skills Needed

  • React Native (Expo): Mid-level. Navigation, State Management.
  • TypeScript: Essential for data integrity.
  • SQL/Postgres: Basic schema design and queries.
  • AI Integration: Prompt engineering basics.

Recommended Team (Ideal)

  • 1 Full Stack Engineer: React Native + Supabase.
  • 1 Product Designer (Contract): 20 hrs/week for UI/UX flows.
  • 1 Clinical Advisor: Part-time consultant for medical accuracy.