Enterprise System Architecture

Distributed infrastructure serving 12M patients across 2,000 facilities with 99.99% uptime and sub-100ms query performance

Citus Distributed PostgreSQL

FHIR R4/R5 Integration

HIPAA + HITRUST Certified

Quick Reference: Architecture Components

Citus Distributed Database

PostgreSQL extension that shards data across worker nodes (1 coordinator + 3 regional workers) for horizontal scaling

HAPI FHIR Server

Open-source FHIR R4 implementation with 146 resource types and 56 database tables for healthcare data exchange

Monitoring Stack

Prometheus (metrics collection) + Grafana (visualization) + Redis (caching) for real-time system health tracking

Multi-Layer Architecture

Click each layer to explore the technical stack

Infrastructure Layer

Load Balancer

HAProxy with active-active HA pair

• 50,000 requests/second capacity
• SSL/TLS termination (Let's Encrypt)
• <1 second automatic failover

API Gateway

Kong with OAuth 2.0 / JWT authentication

• 10,000 req/min rate limiting
• Circuit breaker protection
• Real-time analytics

CDN / Edge Cache

CloudFront with 450+ global POPs

• 99.9% cache hit rate
• 10 Gbps sustained bandwidth
• DDoS protection (AWS Shield)

Application Layer

Next.js 15 + React 19 Frontend

Rendering

SSR, SSG, ISR with API routes

Performance

First Contentful Paint <0.8s, Lighthouse Score 98

Bundle Size

<200KB gzipped with automatic code splitting

HEDIS Engine

• 90+ HEDIS measures
• Real-time and batch processing
• <100ms per measure calculation
• 99.9% accuracy validated

MIPS Calculator

• Quality, Cost, IA, PI categories
• Real-time score calculation
• CMS certified algorithms
• Automated QPP submission

Care Gap Analyzer

• ML-powered gap detection
• Risk-based prioritization
• Automated intervention suggestions
• Real-time closure tracking

Platform Services

HAPI FHIR Server

HL7 FHIR R4/R5 compliant with 100M+ resources

• SMART on FHIR authorization
• Bulk data import/export ($import/$export)
• Subscriptions and webhooks
• Full audit logging (provenance tracking)
• CDS Hooks integration

n8n Workflow Engine

500+ automated workflows executing 10,000/hour

• Visual workflow builder
• Error handling and retry logic
• Webhook triggers
• Scheduled executions (cron)
• 200+ healthcare system integrations

Redis Cluster

128GB memory across 6 nodes, 1M ops/second

• Session management
• Real-time pub/sub messaging
• Application cache layer
• Rate limiting counters
• Leaderboards and rankings

Consul Service Mesh

• Service discovery and health checking
• Secure service-to-service communication
• Traffic management and routing

Prometheus

• Time-series metrics collection
• PromQL query language
• Alerting rules engine

Grafana

• Real-time dashboard visualization
• Custom metric queries and alerts
• Multi-datasource support

Data Layer

Citus Distributed PostgreSQL Cluster

Architecture: 1 coordinator node + 3 regional worker nodes with automatic sharding by tenant_id

# Citus Cluster Topology

Coordinator: hedis-postgres-prod (port 5432)

├─ Worker 1: US East Region

├─ Worker 2: US Central Region

└─ Worker 3: US West Region

Sharding Key: tenant_id (organization)

Replication Factor: 3x (high availability)

Performance Specifications

Capacity: 50TB total storage across workers
Read Performance: 100,000 QPS (queries per second)
Write Performance: 50,000 TPS (transactions per second)
Replication Lag: <100ms between nodes
Query Time: Sub-100ms for distributed queries

Key Features

• Distributed SQL queries across all workers
• Columnar storage for analytics workloads
• Real-time replication with automatic failover
• Point-in-time recovery (PITR) to any second

Citus Distributed PostgreSQL Architecture

Coordinator Node

Query Router

Port: 5432

Distributes queries to workers

Worker 1

US East Region

Patients:5M

Storage:15TB

QPS:35K

Active

Worker 2

US Central Region

Patients:4M

Storage:12TB

QPS:28K

Active

Worker 3

US West Region

Patients:3M

Storage:10TB

QPS:22K

Active

Total Cluster Capacity

12M

Total Patients

37TB

Total Storage

85K

Queries/Second

99.995%

Availability

Coordinator Node

Query Router - Port 5432

Worker 1 - US East

Active

Patients

15TB

Storage

35K

QPS

Worker 2 - US Central

Active

Patients

12TB

Storage

28K

QPS

Worker 3 - US West

Active

Patients

10TB

Storage

22K

QPS

Total Cluster Capacity

12M

Patients

37TB

Storage

85K

QPS

99.995%

Uptime

Horizontal Scaling

Add workers to increase capacity linearly

Regional Distribution

Data locality reduces latency by 60%

Real-time Replication

<100ms lag between nodes

TimescaleDB

Time-series extension for PostgreSQL

• 7-year data retention policy
• 95% compression ratio on historical data
• 1 billion+ time-series data points
• 50+ continuous aggregates
• Automatic time-based partitioning

MongoDB Cluster

Document store for unstructured data

• 200+ collections
• 500M+ documents
• 3-node replica set for HA
• Sharding by document type
• Compound and text indexes

Apache Kafka

Event streaming platform

• 100+ topics for event types
• 1M messages/second throughput
• 30-day retention window
• 1000+ partitions for parallelism
• 3x replication factor

Defense-in-Depth Security Architecture

HIPAA, HITRUST CSF, and SOC 2 Type II certified infrastructure

Network Security

VPC with private subnets (no public internet access)
Network ACLs and Security Groups (least privilege)
AWS WAF for application-layer protection
DDoS protection (AWS Shield Standard)

Identity & Access

Multi-factor authentication (MFA) required
Role-based access control (RBAC)
Single Sign-On (SSO) with SAML 2.0
API key rotation every 90 days

Data Protection

Encryption at rest (AES-256)
Encryption in transit (TLS 1.3)
Database field-level encryption for PHI
Key management (AWS KMS with rotation)

Compliance & Auditing

HIPAA compliance with BAA
HITRUST CSF certified
SOC 2 Type II attestation
Full audit logging to SIEM (Splunk)

Incident Response

24/7 SOC monitoring
Automated threat detection (SIEM rules)
15-minute incident response SLA
Documented disaster recovery plan

Backup & Recovery

RTO (Recovery Time Objective): 1 hour
RPO (Recovery Point Objective): 5 minutes
Continuous database replication
30-day hot storage, 7-year cold archival

System Performance Metrics

Real-world performance serving 12M patients across 2,000 facilities

Current System KPIs

Metric	Target	Current	Status
System Availability	99.99%	99.995%	✅ Exceeding
API Latency (p99)	< 50ms	45ms	✅ Meeting
Page Load Time	< 2s	1.5s	✅ Exceeding
Error Rate	< 0.1%	0.01%	✅ Exceeding
Throughput	10K req/s	12K req/s	✅ Exceeding
Data Processing	1TB/day	1.2TB/day	✅ Exceeding

Scalability Headroom

Component	Current	Max Capacity	Utilization
API Server Pods	10 pods	50 pods	20%
Database Connections	500	5,000	10%
Redis Memory	12GB	128GB	9%
Kafka Throughput	100K/s	1M/s	10%
Storage Capacity	5TB	50TB	10%

Infrastructure Headroom: System currently operates at ~10-20% capacity, providing 5-10x growth runway before scaling required

Ready to See This Architecture in Action?

Schedule a technical deep-dive with our Solutions Architects to explore how this infrastructure serves your specific needs

Schedule Architecture Review Compare to Legacy Systems