These recipes demonstrate HIPAA-compliant approval workflows designed for healthcare operations, with built-in audit trails and access controls.
Patient Data Access
Treatment Plans
Medication Changes
Remote Care
Patient Data Access
Secure patient record access with role-based approvals and automatic logging.const accessPatientRecords = needsHumanApproval({
type: 'sync',
title: 'Patient Record Access',
ask: (args) => `Approve access to records for patient #${args.patientId}?`,
// Auto-approve for attending physicians
autoApprove: async (args) => args.requestorRole === 'ATTENDING_PHYSICIAN'
})
- Third-party provider requests
- Research data access
- Insurance company requests
- Emergency access situations
- Always document access reason
- Set appropriate time limits
- Maintain detailed audit logs
- Consider emergency protocols
Treatment Plan Modifications
Handle treatment plan changes with appropriate clinical oversight.const modifyTreatmentPlan = needsHumanApproval({
type: 'async',
title: 'Treatment Plan Update',
ask: (args) => {
const priority = args.urgency === 'HIGH' ? '🔔 HIGH PRIORITY: ' : '';
return `${priority}Review treatment plan changes for patient #${args.patientId}`;
},
approvers: (args) => {
const approvers = [{
name: 'Primary Physician',
email: `dr-${args.primaryPhysicianId}@hospital.com`
}];
// Add specialist approval if needed
if (args.requiresSpecialist) {
approvers.push({
name: 'Specialist',
email: `dr-${args.specialistId}@hospital.com`
});
}
return approvers;
},
approvalArguments: {
currentPlan: {
type: 'longString',
value: args.currentPlan,
label: 'Current Treatment Plan',
editable: false
},
proposedChanges: {
type: 'longString',
value: args.changes,
label: 'Proposed Changes',
editable: true
},
clinicalReason: {
type: 'string',
value: args.reason,
label: 'Clinical Justification',
editable: true
}
}
})
- Primary physician review
- Specialist consultation
- Care team coordination
- Insurance pre-authorization
Medication Changes
Manage medication changes with pharmacy oversight and interaction checking.const updateMedication = needsHumanApproval({
type: 'sync',
title: 'Medication Change',
ask: (args) => `Approve change in medication for patient #${args.patientId}?`,
autoApprove: async (args) => !args.hasInteractions
})
All medication changes automatically check for drug interactions and require pharmacy approval if interactions are detected.
Remote Care Authorization
Handle remote care and telehealth approvals with licensing verification.const authorizeRemoteCare = needsHumanApproval({
type: 'sync',
title: 'Remote Care Authorization',
ask: (args) => `Authorize remote care session for patient #${args.patientId}?`,
approvalArguments: {
serviceType: {
type: 'string',
value: args.serviceType,
label: 'Service Type',
editable: true
},
patientLocation: {
type: 'string',
value: args.location,
label: 'Patient Location',
editable: false
},
crossState: {
type: 'boolean',
value: args.isCrossState,
label: 'Cross-state Care',
editable: false
},
providerLicense: {
type: 'string',
value: args.providerLicenses.join(', '),
label: 'Provider Licenses',
editable: false
}
},
// Check licensing for cross-state care
shouldSeekApprovals: async (args) => {
return args.isCrossState || args.serviceType === 'CONTROLLED_SUBSTANCE';
},
// Require medical director approval for certain cases
approvers: (args) => {
if (args.isCrossState || args.serviceType === 'CONTROLLED_SUBSTANCE') {
return [{ name: 'Medical Director', email: '[email protected]' }];
}
return [{ name: 'Care Coordinator', email: '[email protected]' }];
}
})
- State licensing verification
- Patient location validation
- Service type restrictions
- Provider credentials
Next Steps
