Case study · Regulated voice AI · Open source

Enterprise Voice Agents

Two production-shaped, open-source voice-agent reference architectures for regulated domains — where a careless agent can leak health data or a card number. Built to prove the boundaries, not just the demo.

All work

The problem

Voice agents are easy to demo and hard to get right where it matters. In healthcare and payments, the danger isn't the happy path — it's the edges: an agent that gives medical advice, approves something it shouldn't, discloses health information to the wrong caller, or pulls a spoken card number into PCI scope. The real engineering is an agent that knows the boundaries it must not cross.

I built two open-source reference architectures to show how that's done — the kind of regulated, safety-critical design enterprises actually need, not a toy chatbot.

The approach

Both agents share one principle: guardrails live in code, not in a prompt — because a prompt can be talked around. A deterministic policy engine enforces the hard rules and the language model only ever chooses among already-permitted actions. When the model and the engine disagree, the engine wins. The whole safety surface runs with no API key, no telephony, and no network, so it's testable and provable in CI.

What I built

PatientLine — HIPAA-aware patient access

An inbound agent for a medical front desk: scheduling, prescription refill requests, and intake. It gives no clinical advice, never approves a refill, discloses no health information before identity is verified, and routes emergencies immediately. Every data hop is mapped to a Business Associate Agreement.

WillCall — PCI-aware ticketing

An inbound box-office agent for sales, exchanges, transfers, and subscriptions. Its defining decision: the agent has no path to capture a card — payment is handed off to a separate, descoped flow and the model only ever receives a token. Pricing is all-in by construction, so quotes are honest by design.

The result

The safety boundaries are mechanically verifiable in CI: zero medical advice and zero refill approvals across adversarial scenarios, and a Luhn-checked scan proving zero card numbers in any transcript or log — including a scenario where a caller reads a card aloud. The work ships with Terraform infrastructure, compliance data-flow mapping, and architecture decision records defending every choice. It's the difference between a demo and an enterprise-ready system.

View the full source and architecture on GitHub

Python LiveKit SIP LLM / Tool-calling HIPAA PCI DSS Terraform
Zero PHI leaks & card numbers, proven in CI

Exploring AI in a regulated or safety-critical workflow? That's exactly where I work.

View the code on GitHub