Phila Sync Core is embeddable, offline-first, POPIA-grade infrastructure — encrypted on-device records, conflict-safe multi-tenant sync, FHIR R4, and an audited supervisor dashboard. You keep your clinical workflow and your brand. We give you the plumbing — live in days, not a quarter of engineering.
Drop it into your product and inherit the parts that take months to get right.
Encrypted IndexedDB store with an in-memory cache; capture on a low-end phone with no signal, then reconcile to your server with last-write-wins conflict safety the moment a connection appears.
Opt-in PIN → PBKDF2 / AES-256-GCM (WebCrypto) seals every record payload on the device. No key or PIN ever leaves the phone.
FastAPI (SQLite/Postgres) or a zero-dependency twin — identical API. Bearer-token auth, per-tenant isolation, audit log, rate-limiting and structured logging out of the box.
Token-gated, XSS-hardened dashboard: caseload by site and tenant, activity, referral follow-ups, and the full sync audit trail.
Export encounters as a FHIR R4 Bundle (Patient, Encounter, LOINC-coded Observations, Consent…) or push a transaction Bundle straight to any FHIR server.
Consent capture, retention & identity scoping, audit trail, and a written operator-agreement template — so you sign vendors as a compliant operator, not a liability.
Optional add-on — Triage Core: the guideline-based (WHO IMCI / W4SS / PEN-adapted), provenance-cited triage & referral-routing engine as a licensed library. Decision-support, human-in-the-loop — surfaced to your nurse/clinician, who makes every call.
Indicative bands below — final scope and figure are quoted per engagement. Anchored under the closest published comparable (CommCare/Dimagi $100–$4,000/mo).
*Per-seat overage ~R35/seat/mo above a generous bundle, mirroring the standard $2/user model. All figures are starting points — your real number depends on tenants, hosting and support tier.
We'd rather tell you upfront than waste a call.
No. Phila is decision-support and records infrastructure with a registered nurse or clinician in the loop on every decision. Outputs are screening/triage support and referral routing — never a diagnosis. The licence forbids making diagnostic claims with the component.
The component is built, tested and live. A typical integration is a fixed-fee project of a few weeks — embed the store + sync, wire your auth/tenants, draft your operator agreement, brand the app, run a pilot. You write no records/sync/FHIR code yourself.
You can — if you have a team to configure a platform, host it, harden it for POPIA, and maintain it. Sync Core is the done, embeddable, white-labelled component for teams who want the capability in days without standing up a platform practice.
On the device first (encrypted), then in your sync server — self-hosted or hosted for you, in South Africa. You are the responsible party; we operate under a written agreement. No data is sent anywhere you don't control.
Those are illustrative, non-diagnostic demos only and are not part of the product. A genuinely sellable screening capability requires a trained, validated model and a clinical study — a separate roadmap we'll only ship when it's real.
Tell us what you run today. A 30-minute scoping call tells us whether Sync Core fits — and exactly what your number looks like.
