/aws-healthscribe

Primary LanguageTypeScriptMIT No AttributionMIT-0

AWS HealthScribe Demo

The AWS HealthScribe Demo app shows the art of the possible with AWS HealthScribe, a HIPAA-elgible service empowering healthcare software vendors to build clinical applications that automatically generate clinical notes by analyzing patient-clinician conversations.

After deploying the demo, you can record or submit audio files to AWS HealthScribe, view the status of the job, and visualize the transcript and summarized clinical notes, including sections like complaint, history of present illness, assessment, and treatment plan.

Additionally, structured medical terms extracted by AWS HealthScribe can be sent to Amazon Comprehend Medical for ontology linking, allowing you to infer ICD-10-CM, SNOMED CT, or RxNorm codes.

This project uses AWS Amplify to deploy a full-stack web application with an UI based on Cloudscape, authentication using Amazon Cognito and storage using Amazon Simple Storage Service (S3).

UI Sample

Deployment

Automatic Deployment

This method uses AWS Amplify hosting to build, deploy, and serve the web app. You must have a GitHub account.

amplifybutton

  • Select the link above.
  • Ensure you are in a region where AWS HealthScribe is available. See the AWS HealthScribe region table for more information.
  • On the Welcome to Amplify Hosting page, Select Connect to GitHub.
  • This redirects you to GitHub for authentication, after which you are redirected back to AWS Amplify.
  • In the Select service role dropdown, select a service role that allows Amplify to deploy the app. If none exist, select Create new role and follow the prompts.
  • Select Save and deploy.
    • This repository will be forked to your GitHub account for deployment. See the FAQ for instructions on deploying this demo with a private repository.

Note: if the deployment hangs on the Forking your GitHub repository for more than a minute, refresh the page and repeat the steps above.

Semi-Automatic Deployment via AWS CodeCommit

See the deployment guide for semi-automatic steps.

Security Considerations

Note: this demo is provided as a sample, and not meant to be used in a production capacity. Please review your organization's compliance requirements prior to uploading any data containing PHI.

Disable User Sign Ups

By default, any user with a valid email can sign up and authenticate into the web app. To disable this feature, and add users manually (or turn off sign ups after you have signed up),

  • Navigate to Amazon Cognito in the AWS console
  • Select the user pool for this web app. It should be named healthScribeDemoAuthUserPool-<unique id>.
  • Select the Sign-up experience tab.
  • Scroll to the bottom to the Self-service sign-up section, and select the Edit button for this box.
  • Uncheck Enable self-registration.
  • Select Save changes.

Encryption At Rest and In Transit

All traffic between the client (browser) and the server (AWS Amplify Hosting, AWS HealthScribe, Amazon S3) is encrypted in transit. Audio files uploaded to S3 and AWS HealthScribe output JSON is encrypted at rest.

Access Logging

Access logging is enabled for audio files and HealthScribe output in S3. These audit logs are written to a separate S3 bucket with a name starting with amplify-awshealthscribedemo-loggingbucket. Both buckets are retained when you delete the app.

Usage

Amplify deploys a public-accessible website. When you first visit the site, select the Sign In link at the top right of the page. From there, select Create Account and fill in the required information. Once authenticated, you have access to all features of this web app. Note that all conversations are viewable by any authenticated user.

Architecture

AWS HealthScribe Demo Architecture

Cleanup

Note: the S3 bucket containing audio files and HealthScribe output is retained during delete. The S3 bucket containing access logs for the former is also retained during delete.

FAQ

The public sample repo has been updated. How do I update my local deployment to the latest code?

During the initial deployment, AWS Amplify forked this repository to your GitHub account. Amplify then built a CI/CD pipeline using your fork as the source. To update your Amplify deployment, sync your fork with this repository:

  1. Navigate to the fork in your GitHub account.
  2. Select "Sync fork."
  3. Select "Update branch."

Can I use this UI with existing AWS HealthScribe jobs?

Yes, but you will have to grant the Amazon Cognito identity pool's authenticated role access to the S3 bucket where the input audio files and output JSON files are located.

  1. Navigate to Amazon Cognito Identy Pools in the AWS console. Make sure you are in the correct region.
  2. Select the identity pool associated with the demo. It is named similar to healthScribeDemoAuthIdentityPool..
  3. Select the "User access" tab.
  4. Select the link under "Authenticated role." This will open a new tab to the IAM role assumed by authenticated users.
  5. Add s3:GetObject actions for the S3 bucket(s) where your existing audio input and JSON output files are located.

Can I deploy this demo from a private repository?

Yes. Amplify Hosting supports connections to private repositories hosted on public GitHub, Bitbucket, and GitLab.

  1. Duplicate this repository to your private repository hosted on public GitHub, Bitbucket, or GitLab.
  2. Use Amplify Hosting to connect to your private repository.

Alternatively, you can use a private AWS CodeCommit repository with the Semi-Automatic Deployment method.

Security

See CONTRIBUTING for more information.

License

This library is licensed under the MIT-0 License. See the LICENSE file.