Legend EHR
Electronic Health Records & Enterprise ERP — legendehr.com
Company overview
Legend EHR (built with SapienIT) provides electronic health records and practice management to clinics across the United States. As adoption grew, the platform's release process and back-office systems — HR, finance, assets — had drifted into a fragile, disconnected state that put both reliability and compliance at risk.
The business challenge
What we were trusted to solve.
Persistent deployment instability and HIPAA non-compliance threatened product reliability. Disconnected HR, finance, and asset systems created dangerous data silos across the organization.
Our solution
Built automated CI/CD pipelines with QA-driven pre-releases and rollback protocols. Delivered a centralized ERP unifying all workflows into a single real-time system with full HIPAA-compliant processes.
Technical constraints
The guardrails we designed within.
Zero downtime
Clinical users depend on the system during business hours — migrations had to be invisible.
HIPAA by design
Encryption, access control, and audit logging as architecture, not add-ons.
Existing Angular app
Rebuild the pipeline and back office without a risky front-end rewrite.
Team can own it
Every automation had to be documented and operable after handover.
Discovery process
Mapping the real system before touching it.
01. System audit
We traced every deploy step, data source, and manual reconciliation across HR, finance, and assets.
02. Compliance gap analysis
Mapped current state against HIPAA controls to find where audit trails and access boundaries were missing.
03. Target architecture & sign-off
A written plan — pipeline, ERP data model, and rollout — approved before a line of code changed.
Architecture decisions
How it fits together.
We introduced QA-gated CI/CD with automated rollback, then consolidated the back office into a single ERP with real-time sync — so every number reconciles and every action is logged.
Centralized ERP · real-time system of record
QA-gated CI/CD — Automated build, test, staging approval, and one-command rollback replaced manual releases.
Microservices on AWS — Isolated services with independent deploys, so one change never risks the whole platform.
Real-time sync + audit log — Every write reconciled across modules and recorded for a complete HIPAA trail.
Technology stack
What it runs on.
Implementation timeline
From discovery to production.
Weeks 1–2
Discovery & architecture sign-off
System audit, compliance gaps, and an approved target design.
Weeks 3–6
CI/CD pipeline + rollback
Automated build/test/deploy with staging gates, live behind the scenes.
Weeks 5–10
ERP consolidation
HR, finance, and assets migrated into one real-time system, module by module.
Week 11+
Handover & support
Documentation, walkthroughs, and 30 days of post-launch support.
Key features
What shipped.
Release dashboard
One-glance deploy status, health, and rollback controls.
Unified ERP console
HR, finance, and assets in one reconciled view.
Results & performance
The outcome, measured.
A delivery pipeline the team trusts and an auditor can sign off on — with the back office finally reconciled into one source of truth.
Security considerations
Encryption at rest and in transit, role-based access control, and a complete audit trail on every write. Compliance was validated as part of delivery — not deferred to a later phase.
Partnering with Auricorium transformed our operations — faster releases, minimal downtime, and full compliance.
Lessons learned
What we'd tell the next team.
Automate the scary thing first. Fixing deploys before touching data meant every later change shipped safely.
Compliance is architecture. Building the audit trail into the data model was far cheaper than retrofitting it.