Security and standards

Built for clinical trust before it asks for system integration.

Yanga starts with the health record patients already carry: paper. The standards path keeps the source visible, makes AI uncertainty explicit, and prepares the data model for HL7 FHIR interoperability without claiming certifications the MVP has not earned.

Current controls

The product makes trust inspectable.

Patient-mediated access

A provider sees a record only when the patient generates a short code. The provider view is read-only and scoped to the shared record.

Source-linked clinical data

Every extracted medication, diagnosis, allergy, vital, and lab keeps the source document and page index that produced it.

Visible AI confidence

AI-only fields remain labeled until a patient or provider reviews them. Low-confidence extractions are marked for human review.

Patient audit trail

Share events, review actions, and record changes are visible to the patient so access does not disappear into a backend log.

Interoperability path

FHIR-ready, with clear certification boundaries.

Standards matter when they help patients and clinics exchange useful information. The MVP keeps the model lean, then maps to standards when a partner workflow requires it.

Current MVP

FHIR-aligned internal record

The present schema keeps medications, observations, diagnoses, allergies, source documents, confidence, and review state in a form that can map to FHIR later.

Pilot path

International Patient Summary mapping

The next interoperability layer should export a patient summary using FHIR resources such as MedicationStatement, Observation, Condition, and AllergyIntolerance.

Partnership path

SMART on FHIR and local integration

When a hospital partner requires integration, Yanga can add a standards-based read layer without replacing the patient-owned capture workflow.

Claims posture

Clear boundaries are part of the product.

Clinical role

Record-keeping and provenance tool. Not a diagnostic device.

Geography

Designed first for Cameroon and African care settings where paper records remain common.

HIPAA

Not claimed for the Cameroon pilot. Add a BAA and US compliance path before storing US patient data.

FHIR

Architecture path is FHIR-ready. No claim of ONC certification or FHIR server certification in the MVP.

AI

Extraction assists record organization. Human verification remains visible and required before clinical decisions.

View source-linked demoDiscuss a pilot