Clinical / healthcare SaaS development — multi-tenant, PDF reports, voice analysis.

Technical problems we have actually solved in this category

• 01

  SpeechMap 4-Path voice analysis engine

  Acoustic features (Jitter / Shimmer / HNR / Pitch), Google STT pause analysis, MFA phoneme accuracy, and an AI clinical-diagnosis report — four paths fused inside one engine. Cloud Run 4GB / 2vCPU production.

  SpeechMap · Dururbarun Social Cooperative clinical R&D

• 02

  @react-pdf/textkit Korean NFD decomposition fix

  React-PDF's textkit decomposes Korean characters into NFD form, which breaks rendering. We patched textkit directly via patch-package. Twelve types of clinical reports now render with embedded Pretendard font.

  plate-engine · HiBle / Plate Clinic

• 03

  Clinical data FK chain integrity

  Child registration → annual rescreen (2025 / 2026 carryover) → core screening → therapy assignment → recording → research dataset, all linked via FKs. PL/pgSQL RPCs wrap year-on-year duplicate checks in a single transaction.

  Hallym University · language-screening-platform-2025 (111 PRs)

• 04

  Multi-tenancy — why RLS alone isn't enough

  Per-center data isolation is RLS's job. But platform-admin impersonation, Toss payment settlement, and aggregated statistics each need a separate authority model. plate-engine runs platform_admin · center_admin · clinician as a 3-tier system.

  plate-engine · HiBle

• 05

  Personal-data consent workflow

  We enforce Korea's Personal Information Protection Act + Medical Service Act in code: consent → collection → use → deletion as 4 explicit stages. Live with Dururbarun, the Band Foundation, and Gangwon Office of Education.

  Dururbarun Social Cooperative · Gangwon Office of Education

• 06

  Light · Premium multilingual PDF reports

  12 test types × Light (5 pages) / Premium (12+ pages) × domestic / international audience × ko / en / ru — 30+ PDF variants rendered server-side via React-PDF with embedded Pretendard, then auto-uploaded to Supabase Storage.

  plate-engine

Frequently asked questions

How do you meet clinical data security requirements?

We default to Korea's Personal Information Protection Act + Medical Service Act + MOHW guidelines. Consent workflow, 5-year retention with auto-deletion, anonymization / pseudonymization, audit trails, and double backups are all included. HIPAA-grade systems require a separate scoping conversation.

Does my product fall under SaMD or GMP medical-device regulation?

If the software directly drives diagnosis or treatment decisions, it can be classified as SaMD (Software as a Medical Device), which requires KFDA / MFDS certification. SpeechMap-style "screening + next-test recommendation" falls outside the device classification, but clinical decision support requires separate review. We have prior connections with KFDA consultants.

Is Supabase RLS alone enough for multi-tenancy?

Per-center data isolation is 99% solved by RLS. But platform-admin impersonation, payment settlement, and region-wide statistics each need a separate authority model. plate-engine runs a tested pattern combining RLS with PL/pgSQL RPCs across platform_admin · center_admin · clinician tiers.

Korean PDF rendering is hard — how do you solve it?

@react-pdf/textkit decomposes Korean glyphs into NFD form, breaking the output. We patch textkit directly via patch-package and embed the Pretendard font server-side. The 12 plate-engine clinical reports run on this exact pattern.

How do you guarantee research data integrity?

PL/pgSQL RPCs wrap registration, carryover, and rescreen logic in a single transaction. Jest + ts-jest unit tests, plus fixture / schema synchronization, block regressions. Hallym's language-screening-platform-2025 has held this integrity across 111 PRs over four years.

Cloud Run vs Vercel — which is right for clinical workloads?

Python / MFA / Praat-style voice-analysis workloads belong on Cloud Run (containerized, 4GB / 2vCPU). The Next.js web tier + Supabase belong on Vercel sin1 region. Splitting the two ends and calling a centralized engine URL is the standard SpeechMap topology.