Moonlitic Technical Architecture

End‑to‑End Health Data & Payments Platform — Built on Azure, Zero Trust by Design

Internal Only — Moonlitic Confidential

Moonlitic unifies identity, consent, clinical data, and real‑time payouts on a single Azure‑native, zero‑trust platform designed for CxO‑grade governance, auditability, and scale.

Azure / Microsoft Cloud Services
Moonlitic Microservices
External Partners (Identity, Payments, Data)
Security, Zero Trust & Compliance
Data, Analytics & Ledger

1. Experience Layer — Portals & Apps

React / Next.js • Shared Design System
Moonlitic Portal
Patient & Participant App
Onboarding, identity verification, and consent
Health data connections & longitudinal view
Payout wallet view & earnings history
Moonlitic Portal
Clinician & Care Team Console
Patient enrollment & consent status
Clinical insights & prior‑auth workflows
Program performance dashboards
Moonlitic Portal
Buyer & Pharma Marketplace
Program configuration & cohort definitions
Data product catalog & SKUs
Contract terms, pricing, and reporting
Moonlitic Console
Operator & CxO Control Plane
Global observability & audit trails
Security posture & zero‑trust policies
Program‑level financial & clinical KPIs

2. API Gateway & Zero‑Trust Security

Entra ID • OAuth2/OIDC • Clear
Azure API Management
Unified Entry Point
Rate limiting, throttling, and IP controls
JWT validation with Microsoft Entra ID
Centralized request/response logging
Identity Proofing
Clear (Patient & Clinician)
High‑assurance identity verification
Liveness & document checks
Reusable identity across programs
Access Control
Microsoft Entra ID
Role‑based access (patient, clinician, buyer, operator, admin)
Conditional access & device posture
Zero‑trust enforcement at every call
Multi‑Factor & Comms
Twilio & Email Providers
SMS MFA & phone verification
Consent receipts & notifications
Program and payout alerts

3. Application Layer — Moonlitic Microservices

Containerized Services • Shared Security Library
F01 — Consent Engine
Policy‑Aware Consent
Consent APIs & jurisdiction rules
Propagation to data & payout flows
Real‑time consent checks on access
F02 — Clinical Intelligence
FHIR‑Native Intelligence
Normalization & enrichment of FHIR data
Program eligibility & trigger logic
Prior‑auth & quality measure workflows
F03 — Claims & Reconciliation
Financial & Clinical Alignment
Claims ingestion & normalization
Reconciliation of claims vs. payouts
Error reporting & dispute workflows
F04 — Marketplace & Entitlements
Data Products & Access Control
Buyer onboarding & approvals
Granular data entitlements per SKU
Delivery orchestration to destinations
F05 — Payout Orchestration
Real‑Time Royalties
Program‑level payout rules & splits
Participant wallet ledger
Integration with external payment rails
Shared Library
Zero‑Trust & Ledger Client
Common auth & ACL client
Standardized logging to Confidential Ledger
Consistent audit semantics across services

4. Data & Ledger Layer — Azure Health Data & Fabric

FHIR • Fabric • Confidential Ledger
Azure Health Data Services
Clinical Source of Truth
FHIR R4 server for longitudinal records
De‑identification for secondary use
DICOM & MedTech for imaging and devices
Microsoft Fabric
Analytics & Lakehouse
Unified lakehouse for raw & curated data
Real‑time analytics & semantic models
Power BI‑ready views with row‑level security
Azure Confidential Ledger
Immutable Audit & Trust
Every consent, access, and payout logged
Tamper‑evident, regulator‑ready audit trail
Foundation for trust with buyers & regulators
Operational Stores
Cosmos DB & Blob Storage
Low‑latency session & consent cache
Secure storage for documents & forms
Audit exports & compliance artifacts

5. Integrations & Payments

FHIR Aggregators • EHR • Payments
Health Data Connectivity
FHIR & Aggregators
FHIR‑based connectivity to EHRs and payers
Support for multiple aggregators (pluggable)
TEFCA‑aligned architecture over time
EHR & Claims
Epic & X12
SMART on FHIR integration for Epic
X12 837/835 for claims & remits
Reconciliation with Moonlitic payout ledger
Payments
Velo (Primary Candidate)
ACH disbursements to participants
KYC & 1099‑NEC generation
Support for split payments & program rules
CxO Systems
CRM, Finance & Support
CRM for buyer pipeline (no PHI)
Finance systems for AP/AR & invoicing
Support ticketing & operations workflows

6. Unified Flow & Gaps Moonlitic Solves

From Identity → Data → Payout
1. Verify Identity (Clear + Entra)
2. Capture Consent (Moonlitic Consent Engine)
3. Ingest & Normalize Data (FHIR + Claims)
4. Run Intelligence & Program Logic
5. Deliver Data Products to Buyers
6. Trigger Payouts & Ledger Entries
Gap: Fragmented identity & consent → Moonlitic: Clear + Entra + Consent Engine
Gap: Siloed clinical & claims data → Moonlitic: Azure Health Data Services + Fabric
Gap: Weak audit & trust → Moonlitic: Azure Confidential Ledger, immutable logs
Gap: Manual, opaque payouts → Moonlitic: Real‑time payout orchestration + Velo
Gap: CxO blind spots → Moonlitic: Unified control plane & KPI dashboards