Automate rejection triage, fraud detection, FHIR bundle construction, and human-in-the-loop escalation — all in one NPHIES-compliant platform.
From intelligent rejection routing to real-time fraud detection and compliant FHIR submissions.
Automatically classifies and routes rejected claims across five rejection categories using business rules and ML agents.
AES-256-GCM encryption, HMAC-SHA256 signing, PHI field masking, and RBAC — meeting MOH, PDPL, and HIPAA requirements.
Constructs compliant FHIR bundles for NPHIES claim submissions, appeals, and resubmissions.
Isolation Forest anomaly detection, duplicate billing checks, and heuristic fraud scoring per claim.
Async HTTP bridge to Saudi Arabia's national health claims exchange with submission tracking.
Claims exceeding 10,000 SAR are automatically escalated to human reviewers via Google Chat.
Chat bot integration, real-time claim issue tracking, and space management for team collaboration.
Low-code workflow orchestration for claim pipelines, notifications, and downstream integrations.
AI-powered clinical documentation assessment and outcome prediction via Google Cloud.
Each component is independently deployable, containerised, and communicates over HTTP/FHIR.
All services expose FastAPI Swagger UI at /docs and ReDoc at /redoc.
| Service | Port | Endpoint | Method | Description |
|---|---|---|---|---|
| SBS Landing | 8005 | /process | POST | Intake, classify & route claims |
/dashboard | GET | Operational status overview | ||
/health | GET | Health check | ||
| NPHIES Bridge | 8004 | /submit | POST | Submit FHIR bundle to NPHIES |
/status/{claim_id} | GET | Query NPHIES claim status | ||
| Financial Rules | 8003 | /classify | POST | Classify rejection codes |
| Signer | 8002 | /sign | POST | Sign & encrypt FHIR bundles |
| Normalizer | 8001 | /normalize | POST | Standardise incoming claim data |
| Rejection Type | Condition | Action |
|---|---|---|
| Administrative | — | RESUBMIT_NEW |
| Clinical Documentation | — | APPEAL |
| Pre-Authorization | Code starts with BE-1-4 | RESUBMIT_NEW |
| Pre-Authorization | Other codes | APPEAL |
| Medication / Device | — | APPEAL |
| Policy Limitation | Fraud score > 0.7 | VOID |
| Policy Limitation | Fraud score ≤ 0.7 | APPEAL |
Be up and running in under 5 minutes with Docker Compose.
Get the source code from GitHub.
git clone https://github.com/Fadil369/MOH.git cd MOH
Create a .env file with your credentials.
NPHIES_API_URL=https://nphies-sandbox.sa/api AES_KEY=<base64-encoded-32-byte-key> HMAC_KEY=<your-hmac-secret> GOOGLE_CLOUD_PROJECT=your-gcp-project
Spin up all five microservices with Docker Compose.
docker-compose up --build
Send a POST request to the SBS Landing service.
curl -X POST http://localhost:8005/process \
-H "Content-Type: application/json" \
-d '{
"claims": [{
"patient_id": "P-001",
"provider_id": "PROV-100",
"amount_sar": 15000.00,
"rejection_code": "BE-1-4-1",
"date_of_service": "2025-01-15",
"preauth_id": "PA-2025-001"
}]
}'
Verify everything is working with the built-in tests.
pip install -r requirements.txt pytest
Every layer is designed to protect PHI and meet Saudi Arabia's healthcare regulatory standards.
All sensitive claim data encrypted at rest and in transit using authenticated encryption.
FHIR bundles are cryptographically signed to guarantee integrity before NPHIES submission.
Patient IDs and names are automatically masked in all logs and API responses.
Four built-in roles: Billing Admin, Clinical Reviewer, Compliance Officer, and Auditor.
| Role | Read Claims | Submit Claims | Review Clinical | Approve Appeal | View Audit Log | Check Compliance | View Dashboard |
|---|---|---|---|---|---|---|---|
| billing_admin | ✅ | ✅ | — | — | — | — | ✅ |
| clinical_reviewer | ✅ | — | ✅ | ✅ | — | — | — |
| compliance_officer | ✅ | — | — | — | ✅ | ✅ | — |
| auditor | ✅ | — | — | — | ✅ | — | — |