System Architecture

The API Gateway is the single entry point for all developer and application interactions with the Aimedis platform. Every API request passes through this layer before reaching internal services.

The gateway enforces authentication, validates bearer tokens, applies rate limiting policies, and routes requests to the appropriate internal service layer based on the endpoint path and request context.

The Identity and Access Layer manages all user identities on the platform — including patients, healthcare providers, and developer applications. It implements OAuth2-based authentication with support for multiple grant types.

Consent management is a core responsibility of this layer. All data access requests are verified against the patient consent registry before proceeding to the data infrastructure layer.

The Healthcare Data Infrastructure layer provides secure, structured storage for all medical information within the platform. All patient records, clinical observations, and healthcare documents are stored in FHIR-compliant formats.

This layer enforces end-to-end encryption, maintains audit logs for every data access event, and applies consent-driven access controls to ensure data is only accessible to authorized parties.

The Interoperability Layer implements the healthcare industry standard protocols that allow the Aimedis platform to communicate with external hospital systems, laboratory information systems, and health information exchanges.

FHIR R4 resource endpoints and HL7 v2 message processing are the primary interfaces of this layer, enabling seamless data exchange with any compliant healthcare system.

The AI Services Layer provides the infrastructure for building and deploying clinical AI models on top of the platform healthcare data. All AI processing operates on anonymized or consent-authorized patient data.

This layer supports diagnostic assistance, predictive analytics, imaging analysis, clinical risk modeling, and automated workflow tools — all designed as clinician-assisted systems, not autonomous decision makers.

The XR Platform Layer provides the infrastructure for building immersive healthcare experiences using Virtual Reality, Augmented Reality, and Mixed Reality technologies. It supports Unity, Unreal Engine, and WebXR development frameworks.

XR applications can access platform APIs for patient identity, medical record retrieval, AI model inference, and real-time collaboration — all within the same security and consent framework as other platform applications.

The Secure Data Layer is the lowest and most protected tier of the platform architecture. It provides the physical and logical storage infrastructure for all encrypted medical records, clinical data, audit logs, and AI training datasets.

All data in this layer is encrypted at rest using industry-standard encryption. Access to the secure data layer is only possible through the layers above it — no direct external access is permitted.