Medical Insurance Assistant
Active

Internal bilingual Q&A tool for employees at Toppan Merrill Ukraine. Coverage and policy questions used to land in HR's inbox at all hours; I built one place where employees can ask in their own language — EN or UA — and get an answer grounded strictly in the official program documents, with a curator dashboard for usage analytics and escalations.

  • Sole designer, developer, and operator
    Built end-to-end by me
  • Grounded in policy
    Every answer cites the program documents — no folklore, no guessing
  • Bilingual by design
    Matches the language of the question — EN or UA
  • In-app clinic directory
    Search the ~2,300 in-network clinics by city, service, and — for Kyiv — district & microdistrict (масив), no tokens spent
Private app — screenshots only
Medical Insurance Assistant — chat empty state with topic shortcuts

Built for employees, grounded in policy

Employee self-service

Ask anything about coverage, dental, allergies, clinic visits — get an answer immediately, without pinging HR.

Bilingual by design

Detects the question language (EN or UA) and answers in the same one — without losing fidelity to the source document.

Admin dashboard

Date-filterable usage analytics — volume, unique users, avg response, top topics, escalations and failures — plus an allowlist tab to add or remove employees.

Privacy-first logging

Emails are hashed with a salted HMAC before logging. Logs hold the question + answer, never the identity behind them.

Inside the chat

Desktop chat — a coverage question answered with the program's conditions
Mobile chat — an English question answered in English, grounded in the program
Mobile — the in-app Clinics list with city and service filters

Admin dashboard & privacy notice

Overview — KPIs & trend
Admin overview — questions, users, answered rate, failures, avg latency, and questions-over-time chart
By topic — what people ask
Admin — donut chart of questions by topic and most-asked questions
Recent & escalations
Admin — recent questions feed, escalations and failed answers
Privacy notice
Privacy notice (Ukrainian) — what the app is, what data is stored, how email is used, who can see what

Why it matters & how it's built

Why it matters

  • No more "ask HR" loop
    Coverage questions get answered in seconds, day or night, instead of waiting on a reply.
  • One source of truth
    Every answer cites the official program documents — no folklore, no guessing, no out-of-date screenshots.
  • Answers in your language
    EN or UA — the assistant matches the language of the question, not just the company default.
  • Visibility into recurring questions
    The admin view shows which topics come up most — a signal of where the policy itself should be clearer.

Tech stack

  • Hand-authored HTML / CSS / JS
    Multi-page static frontend — no framework, no build step
  • Firebase
    Hosting · Auth (email magic link) · server-side allowlist · Firestore · App Check
  • Cloud Functions · Node.js 22
    Five onCall functions in europe-west1 — askInsurance, checkAccess, getClinics, add/remove allowlist
  • Gemini 2.5 Flash
    Grounded answer generation — implicit caching of the policy docs; the ~2,300-clinic list is never sent in full, only a small city/district/name-filtered slice (~98% fewer tokens) when a question needs it.
  • Sentry
    Cloud Functions + browser pages — EU DSN, errors only
  • reCAPTCHA Enterprise · App Check
    Blocks abuse at the function boundary before any Gemini call is made
  • Python · backup & audit
    Firestore snapshot + restore scripts and a build-audit report generator
  • GitHub Actions
    5-job CI — tests · Lighthouse budgets · npm audit · secret scan gate every deploy
  • Versioned releases
    Semantic versions, tagged in git — changelog kept per release, version shown in-app

Privacy & security

  • Passwordless magic-link sign-in
    Firebase Auth email link — no passwords stored, no Google popup
  • Employee allowlist
    Server-side allowlist gates every Cloud Function — only approved emails get through
  • Pseudonymized logging
    Emails one-way salted-HMAC hashed before logging — never reversible
  • App Check protection
    reCAPTCHA Enterprise blocks abuse before any Gemini call is made
  • Error monitoring
    Sentry for Cloud Functions and browser pages — EU DSN, errors only, with transient sign-in network blips filtered out as noise
  • Tested before every deploy
    Unit, Firestore-rules and e2e suites + Lighthouse performance budgets gate CI — a red build never ships
  • Audited dependencies
    npm-audit gate on the backend deps + Dependabot — high-severity advisories block CI; versions pinned or overridden to patched releases
  • Layered backups & uptime
    7-day PITR + weekly snapshots with an empty-backup guard · UptimeRobot monitors the site 24/7

Value delivered

Less repetitive HR support

The bot handles the common questions; HR only gets pinged when the bot escalates on its own.

Consistent, policy-based answers

Every employee gets the same answer to the same question — the bot never improvises beyond the source documents.

Easier access to policy info

No more digging through PDFs in three appendices to find the line about a dental limit or exclusion.

Analytics on recurring questions

Topic patterns and most-asked questions point out where the policy document itself should be clearer.