Case study

Healthcare R&D — identity & delivery pipeline for a medical app

A small healthcare team had a promising prototype for a medical app, but the underlying identity model and deployment story were too fragile to satisfy investors or regulators. We used open-source tooling and a practical R&D approach to turn their idea into something fundable and testable.

Sector

Healthcare / medical app

Focus

Identity, authorization, CI/CD, deployability

Outcome

~$500k in non-dilutive government funding, with a credible technical story.

Problem

A promising idea with a fragile foundation

The team had an early prototype that demonstrated the core idea of the medical app, but under the hood it relied on ad-hoc identity handling, manual deployment, and limited observability. It was enough for internal demos, but not enough to convince external stakeholders.

Investors and potential partners were asking the right questions: Who is allowed to do what? How are changes deployed? How do we know it’s safe to iterate? The existing setup couldn’t answer them confidently.

Approach

Designing an open, auditable foundation

Use open-source building blocks, make behaviour observable, and document in a way non-specialists can trust.

Identity & authorization architecture

  • • Defined clear user roles and permission boundaries.
  • • Selected open-source components to handle auth & token flows.
  • • Ensured the design could integrate with future clinical systems.

CI/CD & observability

  • • Built a repeatable CI/CD pipeline around the app stack.
  • • Added logging and metrics to surface behaviour under change.
  • • Created a deployment workflow suitable for regulated environments.

Documentation for non-specialists

Alongside the technical work, we produced architecture diagrams, flow descriptions, and a short narrative that explained the system in plain language. This made it easier for non-technical stakeholders to see how identity, security, and deployment were being handled — and why that reduced risk.

Outcome

A fundable, testable platform story

With a solid identity architecture, automated delivery, and clear documentation, the team could present a credible technical story. It wasn’t just “we have a cool app” — it was “here’s how it runs, how we change it safely, and how we handle access”.

That clarity played a role in the team securing roughly $500k in non-dilutive government funding to continue development and validation.

View the application security platform case study → Talk about your project