Qiri · Solution Design

Pharmacist Console & Patient Kiosk — Reference Architecture

End-to-end clinical-intelligence platform on Google Cloud. The in-pharmacy console is the wedge (Phase 1); the patient kiosk and central command centre extend it (Phase 2); the neuro-symbolic Qiri reasoning engine and the context graph are the business underneath both.

GCP · australia-southeast1 Claude + Gemini on Vertex AI Full 2-way dispense integration PBS + My Health Record (now) v0.1 · 2026-05-30

Decisions this design is built on

Dispense integration: full bi-directional API / HL7v2 / FHIR with existing AU dispense software (FRED, Minfos, Z, LOTS, Aquarius/Corum) via an on-site connector with write-back.
AI layer: both Claude and Gemini served on Vertex AI behind a model router — Claude for nuanced clinical reasoning, counselling and patient-level translation; Gemini for multimodal triage, OCR and high-volume tasks. Neither model ever dispenses directly.
Kiosk: the full surface — counselling + triage + script intake, OTC/S2-S3 vending, robotic Rx dispensing, and telepharmacy link to a remote pharmacist.
Compliance: all PHI in australia-southeast from day one, with PBS Online and My Health Record integrated now (not deferred), plus consent + immutable audit.

Non-negotiable design law (from project CLAUDE.md)

Qiri is neuro-symbolic, not an LLM wrapper. Model output never flows directly to a dispensing decision. Every clinical proposal passes the symbolic safety layer (CQL rules, hard ceilings) and is gated by a licensed pharmacist — on the console (Phase 1) or via the command centre (Phase 2 kiosk). Every decision emits a full reasoning trace. PHI stays in-region and is redacted by default in logs.

01System architecture

Five layers: client surfaces → on-site edge → GCP perimeter (security, services, reasoning engine, data) → external & government integrations. Dashed boxes are placeholders you still need to choose, procure, or build.

Phase 1 (Prove)
Phase 2 (Extend)
Safety gate
External / government
Placeholder / to procure

→ synchronous request
⇢ async event / trace
⇒ live audio / video
tinted panel = trust boundary
★ clinical safety gate — all model output passes here

Pharmacist ConsolePhase 1 · in-store

Command CentrePhase 2 · remote

Patient KioskPhase 2 · self-service

Patient PWAscript lodge

↓ clinical events ↓

On-site Edge

semi-trusted zone

Dispense ConnectorFHIR R4 · HL7v2

Kiosk Edge Runtimeoffline cache · local safety

Kiosk Hardwarepartner-built

Qiri Platform

GCP · australia-southeast1 · VPC-SC perimeter

Application services · Cloud Run

Dispense Orchestrator

Kiosk Orchestrator

Integration

Consent & Audit

Reasoning engine · neuro-symbolic

Claude · Vertex AIreasoning · counselling

Gemini · Vertex AImultimodal · OCR · scale

Model Router

Grounding · RAGAMH · PBS · guidelines

★ SYMBOLIC SAFETY GATECQL rules · hard ceilings — every model output passes here before any dispense

Government & Partners

external integrations

PBS · My Health RecordPRODA · NASH PKI

SafeScript / RTPMcontrolled drugs

AHPRAregistration

PaymentsTyro · Stripe

Telepharmacy AVWebRTC

mTLS

Qiri Integration Bus · API Gateway · Apigee · Identity Platform

OAuth / OIDC

↕

AlloyDBPHI · scripts

Context Graphthe moat

BigQueryde-identified

Cloud Storagedocs · A/V

Cloud KMSCMEK · secrets

02Clinical decision flow — the gate

This is the heart of the system and the regulatory story. The LLM proposes; the symbolic layer disposes; the pharmacist decides; the trace compounds. Same flow whether the script arrives at the console (Phase 1) or the kiosk (Phase 2) — only the human-in-the-loop location changes.

sequenceDiagram
  autonumber
  participant SRC as Script source
PMS · eScript · kiosk
  participant ORCH as Orchestrator
  participant ENG as Reasoning engine
Claude · Gemini
  participant GATE as Symbolic safety gate
CQL · hard ceilings
  participant REV as Pharmacist
console / command centre
  participant DISP as Dispense + hardware
  participant GRAPH as Context graph + audit

  SRC->>ORCH: New script + patient history (PHI)
  Note over ORCH: normalize to FHIR R4 · redact for prompt
  ORCH->>ENG: De-identified clinical context
  ENG->>ENG: Draft proposal · cite AMH / PBS
  ENG->>GATE: Proposal (advisory only)
  Note over GATE: LLM output never dispenses.
Hard rules decide.
  alt Hard rule violated
    GATE-->>REV: HALT + full reasoning trace
    REV->>DISP: Hold · contact prescriber
  else Within safe bounds
    GATE-->>REV: Recommendation + counselling note + trace
    REV->>DISP: Approve / modify
    DISP-->>SRC: Write-back status (FHIR)
  end
  REV-)GRAPH: Pharmacist action + outcome
  GATE-)GRAPH: Rules fired · model · citations
  Note over GRAPH: Every decision traced →
indemnity defence + network moat

03Patient kiosk — edge & hardware

Qiri is the intelligence layer, not a hardware manufacturer. The physical kiosk is partner-built (ScriptPro / Parata / Wellmation class). Edge compute holds an offline cache and a local safety fallback so the unit degrades safely if the WAN drops, and the camera/mic bridge a remote pharmacist for telepharmacy.

Patient Kiosk

secure cabinet · partner-built hardware

Patient I/O

Touchscreenno keyboard

ScannerMedicare · ID · eScript QR

Camera · mic · speakertelepharmacy A/V

Label + receipt

Edge Runtimeoffline cache · local safety fallback · orchestration

Dispense mechanism

OTC / S2-S3 vending

Robotic Rx dispense

EFTPOS

→ online: edge sends full reasoning to platform, receives approved dispense · ⇒ live A/V counselling bridges to the command centre · ⇢ WAN down: edge falls back to local rules, safe-deny + queue

04Component reference

Named GCP services per layer, with the phase each is needed. "Build now" vs phased is a sequencing hint, not a hard line.

Compute, API & identity

Component	GCP service	Role	Phase
Pharmacist console host	`Firebase Hosting` + `Cloud CDN`	Serve Next.js console to in-store workstations	P1
API edge	`Apigee` / `API Gateway` + `Cloud Armor`	Auth, rate limit, routing, WAF/DDoS	P1
Identity	`Identity Platform` + `Cloud IAM`	Pharmacist + patient auth; service-account least privilege; AHPRA-linked roles	P1
Application services	`Cloud Run` (or `GKE Autopilot`)	Dispense orchestration, counselling, integration, audit, kiosk orchestration, command centre	P1 P2
Eventing	`Pub/Sub`, `Eventarc`, `Workflows`	Dispense events, async pipelines, orchestration	P1

Reasoning engine (neuro-symbolic)

Component	GCP service	Role	Phase
Reasoning models	`Vertex AI` — Claude + Gemini	Claude: clinical reasoning, counselling, patient-level translation. Gemini: multimodal triage, OCR, high-volume.	P1
Model router	`Cloud Run` service	Route per task type / cost / latency; fail-over between models	P1
Symbolic safety layer	Custom `CQL` rules engine on `Cloud Run`	Hard ceilings + clinical rules gate every proposal. Source of truth for "do not dispense".	P1
Knowledge retrieval (RAG)	`Vertex AI Search` + `Vector Search`	AMH, PBS schedule, clinical guidelines grounding	P1
Document OCR	`Document AI`	Script / label extraction at kiosk and console	P1
Voice	`Speech-to-Text` / `Text-to-Speech`	Kiosk voice counselling, accessibility	P2
Trace + context graph	`BigQuery` + graph store (TBD)	Structured decision traces — the compounding moat	P1

Data & security

Component	GCP service	Role	Phase
Operational / PHI store	`AlloyDB` or `Cloud SQL (Postgres)`	Scripts, patients, transactions — CMEK encrypted	P1
Real-time state	`Firestore`	Console + kiosk live session state	P1
Object store	`Cloud Storage` (CMEK)	Documents, telepharmacy recordings, images	P1
Cache / sessions	`Memorystore (Redis)`	Low-latency session + lookup cache	P1
Analytics	`BigQuery`	Population health (de-identified via `DLP API`), A/B, ops	P1
Keys & secrets	`Cloud KMS` (CMEK) + `Secret Manager`	Customer-managed encryption, credential storage	P1
Compliance perimeter	`VPC Service Controls`, `Private Service Connect`, `DLP API`, `Security Command Center`	Data exfil prevention, PHI scanning/redaction, posture	P1
Observability	`Cloud Logging` / `Monitoring` / `Trace` + `Audit Logs`	Immutable audit trail, alerting, distributed tracing	P1
CI/CD + IaC	`Cloud Build`, `Artifact Registry`, `Cloud Deploy`, Terraform	Reproducible, auditable deploys	P1

05Placeholders — what you still need to choose, procure, or build

Everything dashed in the diagrams, grouped so you can hand each cluster to the right owner (Jon = product/UX/vendors, Javed = AI/architecture, David Hanin = clinical/regulatory).

🖥️ Hardware (Phase 2)

Kiosk OEM partner — ScriptPro / Parata / Wellmation (decide buy-vs-partner)
Robotic Rx dispense unit model + capacity
OTC / S2-S3 vending mechanism
Touchscreen, camera, mic/speaker array spec
Medicare/ID + eScript QR scanner
Label + receipt printer
EFTPOS terminal (Tyro / Smartpay)
Edge compute device (industrial mini-PC / ChromeOS / Android kiosk)
Secure cabinet, tamper sensors, environmental/temp monitoring
UPS + 4G/5G failover modem

🧱 Apps / software to build

Pharmacist console (Next.js) — in build
Kiosk client app (kiosk-mode, offline-first)
Central command-centre console
Dispense connector agent (per-PMS adapters)
Model router + CQL safety engine
Patient mobile / PWA (optional)
Consent + audit service

🔌 Third-party SaaS / vendors

Payment processor (Tyro / Stripe / Adyen)
Telepharmacy AV transport (WebRTC: LiveKit / Twilio / Daily)
SMS / email / push (notifications)
eScript exchange access (eRx / MediSecure)
Error/observability add-ons (Sentry, if any)

☁️ Cloud / GCP to stand up

GCP org + folder/project structure (prod / staging / dev)
VPC-SC perimeter + Private Service Connect
Vertex AI: enable Claude (Model Garden) + Gemini, quotas
CMEK key rings in australia-southeast1
Graph store choice for context graph (Spanner Graph / Neo4j on GKE / BigQuery)
DR region (-southeast2) + backup policy
Cloud VPN / Interconnect to pharmacy sites

⚖️ Regulatory / accreditation

My Health Record CSP onboarding + NASH PKI certificates
PBS Online via PRODA (Services Australia)
SafeScript / RTPM connection (controlled drugs)
Active Script List registration
AHPRA pharmacist verification process
Privacy Act / APP compliance + DPIA
State pharmacy board sign-off for kiosk model (Phase 2)
Clinical validation owner (David Hanin — CCO & Head of Pharmacy)

🤝 Partner / data agreements

PMS vendor integration agreements (FRED, Minfos, Z, LOTS, Aquarius)
Anthropic + Google data-processing terms on Vertex
Drug knowledge licensing (AMH, MIMS)
Pilot pharmacy partner agreements

06Open architecture decisions

Questions worth resolving before you commit code or spend. None block drawing the system, but each changes a box above.

#	Decision	Why it matters	Owner
1	Context-graph store: Spanner Graph vs Neo4j-on-GKE vs BigQuery relational	It's the moat; query shape + scale + ops burden differ a lot	Javed
2	Cloud Run vs GKE Autopilot for services	Cloud Run is cheaper/simpler; GKE if you need fine-grained networking or sidecars for VPC-SC	Javed
3	Dispense connector: on-prem agent vs cloud-hosted with site VPN	On-prem is more resilient/offline-friendly but more to maintain across sites	Javed / Jon
4	How much safety logic runs at the kiosk edge offline	Determines safe-degradation behaviour when WAN drops (CLAUDE.md principle 5)	Javed + David
5	Kiosk OEM: integrate an existing dispenser vs spec a custom cabinet	Speed, capex, and regulatory surface for Phase 2	Jon
6	Telepharmacy transport (LiveKit self-host vs Twilio/Daily)	Latency, cost, and whether AV recordings stay in your GCP boundary	Jon / Javed

Qiri solution architecture · v0.1 · generated 2026-05-30. Brand tokens from design-system/qiri-tokens.css. Diagrams render with Mermaid; edit the source in this file to revise. Reflects decisions: 2-way dispense integration, Claude+Gemini on Vertex, full kiosk surface, PHI+PBS+MHR from day one.