Systems Artifact · Level 3 DFD

Denticon API Appointment Management IVA

A compact, scan-friendly Level 3 data flow diagram showing how an AI appointment-management assistant moves data between the patient, IVA orchestration layer, Denticon API domains, and operational systems.

Patient LookupAvailability SearchBook / Confirm / CancelEscalationAudit Logging

Architecture Snapshot

What this proves: API solutioning, workflow orchestration, HIPAA-aware data handling, writeback control, and safe fallback design.

Goal

Allow verified patients to schedule, reschedule, confirm, or cancel appointments without exposing patient-specific data before identity verification.

Denticon Domains

Patients API
Appointments API
Practices API
Subscriptions / Webhooks

Non-Negotiable

The IVA never invents appointment availability, patient identity, provider data, or appointment status. It retrieves, verifies, writes back only after confirmation, or escalates.

Level 3 Diagram

Four swimlanes. One readable system story: caller intent → verification → Denticon API action → logged outcome.

1 · Patient + Channel

Patient / Caller

Provides intent, identity details, preferences, confirmation, or cancellation reason.

↓

Voice / Chat Channel

Captures ANI, transcript, session ID, timestamp, and channel source.

↓

IVA Conversation Layer

Detects intent, asks approved verification questions, presents options, and confirms selection.

2 · AI Orchestration

Intent Classifier

Schedule, reschedule, confirm, cancel, appointment lookup, or live-agent request.

↓

Identity Gate

Blocks patient-specific appointment details until verification passes.

↓

Appointment Orchestrator

Selects correct API workflow and applies business rules before writeback.

↓

Policy + Rules Engine

Office rules, cancellation windows, provider constraints, and escalation triggers.

3 · Denticon API Layer

Patients API

Patient match, demographic context, identity support.

↓↑

Practices API

Locations, providers, production types, appointment metadata.

↓↑

Appointments API

Availability, appointment lookup, booking, confirmation, cancellation.

↓↑

Subscriptions / Webhooks

Real-time appointment or patient update events.

4 · Outcomes + Controls

Session Store

Short-lived session state, verification status, selected workflow path.

↓

Audit Log

Intent, verification result, API status, writeback outcome, escalation reason.

↓

Escalation Ticket

Routes failed verification, no availability, policy exceptions, or low confidence.

↓

Confirmed Outcome

Booked, confirmed, cancelled, rescheduled, or safely routed to staff.

Sample API Call Map

These are implementation-style operation labels based on Denticon’s public API capability areas. Exact endpoint paths, payloads, auth scopes, and response codes should be validated in live Swagger.

Workflow Step	Sample API Operation	Data Used	IVA Behavior
Patient lookup	GET/patients/search	ANI, DOB, last name, ZIP, patient ID where approved	Find patient match; if no/multiple match, ask approved clarifier or escalate.
Practice metadata	GET/practices/{practiceId}/providers	Practice ID, location ID, provider ID, production type	Show only valid provider/location options.
Availability search	GET/appointments/availability	Location, provider, appointment type, preferred date/time	Present returned slots only. Never invent availability.
Book appointment	POST/appointments	Patient ID, slot ID, provider, location, appointment type	Write back only after explicit patient confirmation.
Confirm appointment	PATCH/appointments/{appointmentId}/confirm	Appointment ID, patient ID, confirmation status	Confirm status and log outcome.
Cancel appointment	POST/appointments/{appointmentId}/cancel	Appointment ID, patient ID, cancellation reason, policy flag	Apply cancellation rules; escalate if fee/window policy requires review.
Real-time update	POST/webhooks/appointments	Appointment event, status change, timestamp, event ID	Validate event source, update session/reporting, prevent duplicate processing.

Credibility Note

Denticon’s public developer portal describes API categories and appointment capabilities, including availability, booking, confirmation, and cancellation. The exact endpoint syntax above is presented as a realistic implementation map and should be reconciled with Denticon’s live Swagger before engineering build.

Controls, Fallbacks & Dev Flags

The lightweight version still shows the senior thing: what happens when the happy path snaps.

Security Controls

Verify before disclosure.
Minimize PHI in logs.
Validate webhook source.
Require explicit confirmation before writeback.
Audit every API call and outcome.

Fallback Rules

No patient match → clarify or escalate.
Multiple matches → no disclosure; escalate if unresolved.
No availability → alternate preference or handoff.
Writeback failure → do not confirm.
Low confidence → route safely.

Swagger Validation Needed

Exact endpoint paths.
Auth scopes and token behavior.
Request/response schemas.
Status enums and error codes.
Cancellation reason fields.