Xenara
← All case studies·HealthcareUnited StatesCustom Software · Integration Layer

Clinical operations integration layer for a US mid-market healthcare SaaS

Built the integration + workflow layer that connects a US clinical operations SaaS to hospital EHRs, lab analyzers, and billing back-ends. HIPAA-aware architecture, audit logging by default.

Client:US-based clinical operations SaaS (under NDA)
By·Founder, Xenara
EHR vendors3 production integrations
ProtocolsHL7 v2 · FHIR
ComplianceHIPAA-aware audit
TestsEnd-to-end shipped

The client

A US-based mid-market clinical operations SaaS that sells into hospitals and large clinics. Their product depends on data flowing in from hospital EHRs, lab analyzers, and billing back-ends — and flowing out to clinical workflows and reporting. The integration layer was the bottleneck on every new customer rollout.

Client name is under NDA per their request — references available on a private call. Engagement covers production code and ongoing engineering support.

The problem

  • Each new hospital required a custom integration with the hospital's EHR, taking weeks of engineering time per customer.
  • HL7 v2 message handling was inconsistent across customers; FHIR was promised but not yet shipped.
  • Lab analyzer feeds came in as files, emails, and proprietary protocols — every customer was a snowflake.
  • Audit logging was retrofitted. HIPAA conversations with hospital IT were slow and risk-flagged because the trail wasn't clean.
  • End-to-end tests didn't exist for the integration surface. Every release was a manual smoke check against staging hospitals.

What Xenara built

  • A first-class integration layer with adapter modules per protocol (HL7 v2, FHIR, file-drop, proprietary REST), normalized to a single internal canonical model.
  • Production-grade message routing — at-least-once delivery, idempotent processing, dead-letter queues, retry policies tuned per hospital's connectivity profile.
  • HIPAA-aware audit logging on every PHI-touching action with actor, timestamp, source, and content fingerprint — exportable for hospital security review without engineering involvement.
  • End-to-end test harness with synthetic patient data covering every supported message type, run on every PR. Regressions caught before customers see them.
  • Production observability — every message, every transformation, every downstream call traced, with cost and latency dashboards.
Healthcare integration is half protocol, half operations. The protocol part is solvable in a quarter. The operations part — audit, retries, evidence on demand for IT security teams — is what determines whether the deal closes.

Outcomes

  • New hospital onboarding time cut from weeks of bespoke engineering to days of configuration.
  • Three EHR vendor integrations live in production, with the pattern in place for additional vendors.
  • HIPAA conversations with hospital IT teams compress — audit evidence is available on demand instead of requiring an engineering ticket.
  • Engineering team reclaims focus for product work instead of bespoke integration firefighting.

If you're building a healthcare SaaS

Talk to us before your integration surface becomes a snowflake-per-customer problem. See our custom software development service or our healthcare industry page. Or email hello@xenara.ai.

← All case studiesStart a Project