Starlight — the EMR that crushes Atlas.MD

Forge tier — one of our bigger bets. Actively shipping. Hardened by Hydra. Customer zero locked in (Dr. Yogini). The wedge against Atlas.MD is real and quantified.

What it is

Starlight is a Direct-Primary-Care EMR for pediatricians. The system Dr. Yogini and other small-practice pediatricians use to run their entire clinic — charting, visits, prescriptions, calendar, billing, patient communication, parent app — with AI woven through every surface as substrate, not sidecar.

The incumbent is Atlas.MD. Starlight is positioned to make Yogini stop using Atlas at month 7 of the 7-sprint timeline.

The two surfaces

Surface	URL	What it is
Clinician app	starlight-md-prototype.netlify.app (login: starlight / CrushAtlas2026!)	Today screen, work queue, AI scribe with cloned-voice playback, SOAP notes side-by-side with transcript, ICD-10 auto-suggest, chart redesign with 13 working tabs, calendar week view, vs-Atlas comparison page
Parent app	starlight-parent-app.netlify.app	Mobile-first app for parents: child progress, meds, next visit, doctor communication, push notifications with auto-generated plain-language visit summaries

The pitch in one line

Atlas.MD is the incumbent EMR for DPC pediatricians. Starlight is AI-native (not AI-sidecar), ships features Atlas can't without rebuilding their stack (parent app + auto-generated visit summary + AI scribe with the doctor's own cloned voice + newborn home-visit billing), and uses synthetic personas to develop and test against HIPAA-safe edge cases Atlas has never seen. Direct-Primary-Care is growing 800% over 5 years; the practice management software is decades behind the model.

Customer zero — Dr. Yogini

The whole product is anchored on a real practicing pediatrician. Dr. Yogini Surana runs Starlight Pediatrics — the live practice at starlight-pediatrics.netlify.app.

• 81 active patients, +20.9% YoY, $4,752 May charges, 100% Stripe subscriptions
• Currently uses Atlas.MD as her EMR (we toured starlightpediatrics.atlas.md to understand the system; 33 screens captured, 15 chart-internal tabs mapped, 8 third-party integrations identified)
• Constellation pricing tiers Yogini already runs — we adopted them verbatim into the Starlight Marketing surface so we're not reinventing the wheel:

Tier	Monthly	Theme
⭐ Orion	$295	Premium family tier
🎵 Lyra	$225	Standard premium
⭐ Sirius	$175	Mid-tier
🦄 Pegasus	$150	Entry premium
⭐ Polaris	$100	Entry tier

Customer zero is real, profitable, and the design partner. (This is the Customer Zero operating principle made concrete — the team building the product is in close contact with the person who depends on it daily.)

The wedge vs Atlas.MD

The clinician-app prototype includes a vs Atlas.MD page walking through 10 quantified dimensions side-by-side. Receipts from the live tour of starlightpediatrics.atlas.md, not vibes.

Highlights:

• Visit notes: +30–60 min/day saved (AI scribe with cloned-voice transcript → auto-drafted SOAP note → ICD-10 chips → sign & add to chart)
• Parent communication: the moat. The parent app + auto-generated plain-language summaries push notifications to the parent's phone the moment the doctor signs the note. Atlas has nothing like this.
• Visit summaries: the leapfrog feature. Claude-generated, warm, second-person, no ICD-10. Atlas would need to rebuild their stack to ship this.
• Newborn home visit: premium-pricing differentiator Yogini already runs (48h post-discharge); Starlight has it natively in the calendar and pricing flow. Atlas doesn't.
• AI substrate vs sidecar: Claude + Whisper woven through every screen, not bolted on as a chat assistant
• eRx, documents, family billing, mobile, reports — all built right; see the live prototype for the side-by-side

The AI scribe moment — the demo that closes

Click into Sofia Martinez's chart, hit “Start visit · AI scribe” (gold button), and Yogini's actual cloned voice plays through the speakers (generated with ElevenLabs from her Starlight video). Live transcript highlights each speaker in gold as the audio plays — Yogini asks Sofia about her cough, Lisa (mom) answers about the fever, Yogini examines the lungs.

Hit “STOP & DRAFT NOTE” → 20 seconds later the AI-drafted SOAP note appears side-by-side with the transcript, confidence flags on uncertain spans, ICD-10 chips auto-suggested, inline edit, “Sign & add to chart.”

Then — split-screen — Lisa's iPhone receives the push notification with the plain-language visit summary auto-generated by Claude. This is the leapfrog Atlas can't ship without rebuilding.

If a demo lands the entire product in 4 clicks, it's the right demo. This one does.

Hero engineering feature — Synthetic Personas

A deterministic, HIPAA-safe, plausibility-filtered generator for pediatric families. Not just patients — the whole household: guardians, kids, conditions, vaccines, billing posture, sentiment, voice, regional distribution.

Why it matters

• 🔒 HIPAA safety — engineers never need real PHI to develop, debug, or demo Starlight
• 🔬 The long tail — real datasets cluster around the mode; the generator deliberately produces edge cases (foster families with CPS history, religious-exemption refusers, T1D-with-glucagon, severe peanut + epi-pen, adversarial adolescents)
• 🛠️ Build it once, ship it three times — same engine powers Starlight tests, the Diagnostic Game, CME Delivery, and Parent Triage synthetic conversations
• ⚡ Determinism guarantee — same (seed, size, options) produces bit-identical output. Bug reports quote a seed; the team reproduces the cohort exactly. Never commit large fixture JSONs — just a seed.

# Pretty-printed cohort summary
pnpm synth -- --seed=42 --size=100

# HTTP server for curl exploration
pnpm synth:serve
curl 'http://127.0.0.1:7777/cohort?seed=42&size=10'
curl 'http://127.0.0.1:7777/find?seed=42&size=200&condition=peanut-severe'

# Bias toward newborns (for newborn home-visit testing)
pnpm synth -- --seed=7 --size=200 --newbornBias=0.4

# Adversarial cohort (stress-test escalation paths)
pnpm synth -- --seed=99 --size=200 --adversarialBias=0.5

The architectural lineage matters: synthetic personas was adapted from Polaris's IT-buyer generator — same engineering pattern, different domain. Polaris generates Decision Maker buyer personas for the analyst platform; Starlight generates pediatric family cohorts for HIPAA-safe development. That generalizable pattern is the kind of B4M V3 blueprint candidate Ken called out in the architecture proposal.

Full design: docs.dev.starlightpractice.com/docs/synthetic-personas.

Hydra security verification — 0 criticals

Hydra ran against Starlight's API: 210 tests across all 28 endpoints. No critical vulnerabilities found. The security architecture is solid:

• Every endpoint properly blocks unauthenticated requests
• CORS locked down, no wildcards
• SQL injection safe (parameterized queries throughout)
• Tenant isolation working at 3 layers — app, transaction, database RLS
• No hidden / debug endpoints exposed
• Email templates safe from injection

One thing fixed: patient create/update was accepting a familyId without checking it actually belongs to the practice. RLS would likely block exploitation at the DB level, but defense-in-depth app-level check added too. Also added security headers (HSTS, X-Content-Type-Options, X-Frame-Options) to all API responses (low risk for a JSON API, but free win).

Fix shipped on dev (e9d41a5).

What this means: Starlight passed the same Hydra sweep that found nine production-live CRITICALs in Lumina5 and Polaris. The team built it right from the start.

What's shipped (engineering)

The April–May sprint cycle landed all five Erik-asked-for items, plus polish:

Item	Status	Who
PR #31: CI/CD (mimicking VibesWire pattern) — OIDC + IAM + GH Environments, main → staging deploy, prod → production deploy, PRs → previews at pr<N>.preview.starlightpractice.com, shared VPC per AWS account, post-deploy hooks auto-run migrations + seed	✅	Poy
Stage simplification: drop dev stage, go main + prod like the rest of the B4M repos	✅	Poy
Database decision locked: Aurora PostgreSQL	✅	Poy + Victor
RBAC end-to-end (PR #51): practitioner + parent roles enforced both at the handler (Cognito token check) and the database (RLS policies). 27 backend handlers migrated; frontend aligned. If a handler forgets a check, the DB refuses the query.	✅	Victor
Separate AWS accounts: staging + prod isolated (HIPAA-aligned)	✅	Poy
Global Platform Admin batch (PR #54–#61): append-only audit log + audited() middleware + /admin/audit CSV export (#54); /admin/health + /admin/overview KPIs with 5-min snapshot cron (#58); cross-tenant /admin/practices + read-only impersonation (#59); Cognito user management (#60); feature flags with two-tier resolution (#61)	✅	Victor
4 hotfix PRs (#62–#66): 204-response BFF cascade fix; drizzle schema grant; CORS preflight for impersonation headers; AdminShell @/lib/auth import; admin UI/UX redesign to Vuexy MUI light theme matching /dashboard	✅	Victor
Docs PR #30: 9-commit, 75-file, +11k/−18k docs overhaul. 50+ pages across 9 new sections. Full-text search, Mermaid, blog/changelog enabled, stage-aware URLs. Documentation site at docs.dev.starlightpractice.com	✅	Erik

Operational notes

• Aurora auto-pause: first login after a long quiet period takes ~10–15s while Aurora spins back up. Subsequent logins are instant. Can switch to always-warm for prod (cost discussion with Poy/Allan).
• Test credentials (live at starlightpractice.com/login):
  • Admin — admin@admin.com / (see secrets store) — lands on /admin/overview
  • Practitioner (Starlight Pediatrics) — dr.yogini@starlightpractice.com / (see secrets store) — lands on /dashboard

Tech stack

12-card opinionated stack:

• Database: Postgres + Drizzle ORM (Aurora PostgreSQL with RLS)
• Frontend: Next 15 (App Router) + Vuexy MUI light theme
• Auth: Clerk + Cognito for global admin layer
• Mobile: Expo
• Prescriptions: DoseSpot
• Payments: Stripe (Setup Intent flow for family billing)
• Telephony / SMS: Twilio
• Telemedicine: LiveKit
• AI: Claude (Anthropic) + Whisper (OpenAI) for scribe; ElevenLabs for voice cloning
• Clinical data: Health Gorilla (FHIR R4 + ICD-10/SNOMED/LOINC/RxNorm/NDC + Bright Futures + ACIP)
• Compliance: Vanta (for SOC 2 + HIPAA)
• Infra: AWS + Vercel (deployed via SST)

The 24 epics (sprint-mapped)

Re-ranked by Atlas-parity priority. Live at github.com/dsurana04/starlight-md/issues (epic label).

• P0 — Yogini-can't-switch-without (11 epics): foundation, auth, chart shell, SOAP editor, vitals, eRx, calendar, Stripe billing, SMS + email, staff-add-patient, documents
• P1 — wedge-vs-Atlas (5 epics): prospect onboarding, parent app + auto-summary, AI scribe, AI triage + risk, newborn home visit
• P2 — modern polish (3 epics) · P3 — expansion (5 epics)

Auxiliary bets (post-v1, explicitly out of scope but flagged)

Pediatric is the wedge; the platform extends:

• Adults Direct Care — same engine, different demographic
• Dentistry — DPC dentists are a known underserved market with the same problem shape
• CME Delivery — continuing medical education built on the same synthetic-personas substrate
• Diagnostic Game — pediatric diagnostic training game using the synthetic personas as adversarial cohorts

These are explicitly not in v1 scope, but documented so the team pattern-matches the moment someone walks up with a pitch.

Team

• Erik — CEO, direction, repo-grooming Loom sessions, decision log
• Deepak Surana — product, prototypes, customer development with Yogini, Slack ringleader
• Dr. Yogini Surana — customer zero, design partner, voice (literally, via ElevenLabs)
• Victor — engineering: RBAC end-to-end, Global Platform Admin batch, 4 hotfix PRs, theme migration
• Poy — CI/CD, infrastructure, SST, Aurora, OIDC + IAM + GH Environments wiring
• Ken Wallace, Nao, Julie, Kevin — tech-choice review and architectural input
• Illia — UI / design polish (planned)

Status & timeline

• 7-sprint timeline — sprint-0 through sprint-7+. Target: Yogini stops using Atlas at month 7.
• Where we are right now: P0 foundation shipped (CI/CD, RBAC, admin, theme). P1 wedge features (AI scribe, parent app, auto-summary) in active build. Hydra security verification clean.
• Next milestone: dry-run the clinician-app flow with Dr. Yogini once basic functionality is stood up — per Deepak's ask in #starlight.

Repos & URLs

Resource	URL
Production	starlightpractice.com
Staging / docs	docs.dev.starlightpractice.com
Preview deploys	pr<N>.preview.starlightpractice.com per PR
Main repo	MillionOnMars/Starlight
Prototype repo	dsurana04/starlight-md (private; Erik + Victor invited)
Clinician prototype	starlight-md-prototype.netlify.app (login: starlight / CrushAtlas2026!)
Parent prototype	starlight-parent-app.netlify.app
Live pediatric practice	starlight-pediatrics.netlify.app (Yogini's current marketing site)

Connections to the rest of the catalog

• Hydra — ran 210 tests against Starlight's API and validated zero criticals; Starlight is the negative-result trophy case for Hydra (built right from the start)
• Horde — the accounting engine that will eventually power Starlight's family-billing rollup
• Bike4Mind — the AI substrate (Claude + Whisper + ElevenLabs orchestration) Starlight uses; Synthetic Personas is the kind of generalizable primitive that should graduate to a V3 blueprint
• Polaris — the IT-buyer-generator pattern was the architectural lineage for Synthetic Personas
• Connections page — Starlight has subsystem dependencies (Horde accounting), primitive composition (Claude + Whisper + ElevenLabs from the B4M substrate), and now a family relationship with Polaris via the persona-generator pattern

What changes about its status now

Per Erik (today): Starlight is one of B4M's bigger Forge bets. Promoting in the catalog Quick Scan from a generic “MVP, gentle slow” framing to “active, customer zero locked in, Atlas.MD wedge real, security verified, on the 7-sprint path to displacing the incumbent.”

Schedule time with Dr. P (Yogini) once basic functionality is stood up — she'll love seeing the progress (per Deepak).