Name: Openevidence Data Handling
Author: jeremylongshore

Search skills.../

Openevidence Data Handling | Skills Pool

interface ClinicalQuery {
  queryId: string; clinicianId: string; queryText: string;
  patientContext?: { age?: number; sex?: string; conditions?: string[] };
  timestamp: string;
}

async function submitClinicalQuery(query: ClinicalQuery): Promise<string> {
  const sanitized = { ...query, queryText: deidentifyPHI(query.queryText) };
  const res = await fetch('https://api.openevidence.com/v1/query', {
    method: 'POST',
    headers: { Authorization: `Bearer ${process.env.OPENEVIDENCE_API_KEY}`, 'Content-Type': 'application/json' },
    body: JSON.stringify(sanitized),
  });
  return (await res.json()).evidenceId;
}

function deidentifyPHI(text: string): string {
  return text
    .replace(/\b(MRN|mrn)[:\s]?\d{6,}\b/g, '[MRN_REDACTED]')
    .replace(/\b\d{3}-\d{2}-\d{4}\b/g, '[SSN_REDACTED]')
    .replace(/\b(DOB|dob)[:\s]?\d{1,2}\/\d{1,2}\/\d{2,4}\b/g, '[DOB_REDACTED]')
    .replace(/\b[A-Z][a-z]+ [A-Z][a-z]+, (MD|DO|NP|PA)\b/g, '[PROVIDER_REDACTED]');
}

async function exportEvidenceSummary(queryIds: string[]) {
  const summaries = [];
  for (const id of queryIds) {
    const res = await fetch(`https://api.openevidence.com/v1/evidence/${id}`, {
      headers: { Authorization: `Bearer ${process.env.OPENEVIDENCE_API_KEY}` },
    });
    const data = await res.json();
    summaries.push({ queryId: id, citations: data.citations,
      summary: deidentifyPHI(data.summary), confidence: data.confidenceScore });
  }
  return summaries;
}

function validateClinicalQuery(q: ClinicalQuery): string[] {
  const errors: string[] = [];
  if (!q.queryId) errors.push('Missing query ID');
  if (!q.clinicianId) errors.push('Missing clinician identifier');
  if (!q.queryText || q.queryText.length < 10) errors.push('Query too short for meaningful evidence retrieval');
  if (q.queryText.length > 5000) errors.push('Query exceeds 5000 char limit');
  if (/\b\d{3}-\d{2}-\d{4}\b/.test(q.queryText)) errors.push('CRITICAL: SSN detected in query text');
  if (/\b(MRN|mrn)[:\s]?\d{6,}\b/.test(q.queryText)) errors.push('CRITICAL: MRN detected in query text');
  if (q.timestamp && isNaN(Date.parse(q.timestamp))) errors.push('Invalid timestamp');
  return errors;
}

Issue	Cause	Fix
PHI detected in stored query	De-identification regex missed a pattern	Add pattern to `deidentifyPHI`, re-scan stored queries
API 403 on query submission	BAA not on file or expired API credentials	Verify BAA status, rotate API key
Evidence response contains patient name	Upstream model hallucinated PHI	Post-process all responses through de-identification before display
Audit log gap	Logging service outage during query window	Replay from API request logs, flag gap in compliance report
Export exceeds size limit	Too many citations in bulk export	Paginate export, limit to 50 evidence summaries per request

Data Type	Sensitivity	Retention	Encryption
Clinical queries (may contain PHI)	Critical	De-identify within 24h, purge raw in 7 days	AES-256 + TLS, field-level for PHI
Evidence citations	Low	Indefinite (public literature)	TLS in transit
Patient-contextualized responses	High (derived PHI)

Data Type	Sensitivity	Retention	Encryption
Clinical queries (may contain PHI)	Critical	De-identify within 24h, purge raw in 7 days	AES-256 + TLS, field-level for PHI
Evidence citations	Low	Indefinite (public literature)	TLS in transit
Patient-contextualized responses	High (derived PHI)

Openevidence Data Handling

Overview

Data Classification

Openevidence Data Handling

Overview

Data Classification

Data Import

Data Export

Data Validation

Compliance

Error Handling

Resources

Next Steps

Nanoclaw Repl

Bioinformatics

Smart Explore

Vector Database Engineer

Skin Health Analyzer

Scanpy