← PORTFOLIO
Patient Management Service — microservices

PATIENT BILLING SERVICE

(SECURE DISTRIBUTED SYSTEM)

2025

GITHUB

A PRODUCTION-PATTERN HEALTHCARE MICROSERVICES SYSTEM IN JAVA AND SPRING BOOT. FIVE INDEPENDENTLY DEPLOYABLE SERVICES — PATIENT, BILLING, AUTH, ANALYTICS, AND API GATEWAY — COMMUNICATING VIA BOTH gRPC (SYNCHRONOUS) AND APACHE KAFKA (ASYNCHRONOUS EVENT-DRIVEN).

THE ARCHITECTURE ENFORCES HARD SERVICE BOUNDARIES: DATABASE-PER-SERVICE, PROTOBUF-CONTRACTED gRPC CALLS, AND KAFKA TOPICS FOR DECOUPLED EVENT PROPAGATION — THE SAME PATTERNS USED IN LARGE-SCALE DISTRIBUTED SYSTEMS.

ARCHITECTURE:

LANGUAGE
JAVA 17 · SPRING BOOT 3 · SPRING DATA JPA · SPRING SECURITY · MAVEN MONOREPO
SERVICES
PATIENT SERVICE · BILLING SERVICE · AUTH SERVICE · ANALYTICS SERVICE · API GATEWAY — EACH INDEPENDENTLY DEPLOYABLE
SYNC COMMS
gRPC — PATIENT SERVICE CALLS BILLING SERVICE VIA PROTOBUF CONTRACT FOR LOW-LATENCY BILLING ACCOUNT CREATION
ASYNC COMMS
APACHE KAFKA — PATIENT SERVICE PUBLISHES EVENTS CONSUMED BY BOTH BILLING AND ANALYTICS SERVICES; FULLY DECOUPLED
AUTH
JWT AUTHENTICATION · AUTH SERVICE ISSUES AND VALIDATES TOKENS · API GATEWAY ENFORCES AUTH ON ALL INBOUND REQUESTS
INFRA
DOCKER · DOCKER COMPOSE · PER-SERVICE POSTGRESQL INSTANCES · KAFKA BROKER · PROTOBUF SCHEMA DEFINITIONS

FEATURES:

DUAL COMMUNICATION PROTOCOLS

SYNCHRONOUS gRPC FOR PATIENT → BILLING (PROTOBUF CONTRACT, TYPED REQUESTS/RESPONSES, LOW LATENCY). ASYNCHRONOUS KAFKA EVENTS FOR PATIENT → ANALYTICS AND PATIENT → BILLING DECOUPLED PROCESSING. BOTH PROTOCOLS COEXIST IN THE SAME SYSTEM, EACH USED WHERE IT FITS.

INDEPENDENT SERVICE DATABASES

EACH SERVICE OWNS ITS OWN POSTGRESQL INSTANCE — NO SHARED SCHEMA, NO CROSS-SERVICE JOINS. PATIENT SERVICE MANAGES PATIENT RECORDS, BILLING SERVICE MANAGES ACCOUNTS AND INVOICES, AUTH SERVICE MANAGES CREDENTIALS. DATABASE-PER-SERVICE IS ENFORCED AT THE INFRA LEVEL.

API GATEWAY + JWT ENFORCEMENT

ALL EXTERNAL TRAFFIC ENTERS THROUGH THE API GATEWAY, WHICH VALIDATES JWT TOKENS BEFORE FORWARDING REQUESTS. THE AUTH SERVICE HANDLES REGISTRATION, LOGIN, AND TOKEN ISSUANCE. DOWNSTREAM SERVICES TRUST THE GATEWAY — NO REDUNDANT AUTH LOGIC IN EACH SERVICE.

EVENT-DRIVEN ANALYTICS

WHEN A PATIENT IS CREATED OR UPDATED, THE PATIENT SERVICE PUBLISHES A KAFKA EVENT. THE ANALYTICS SERVICE SUBSCRIBES AND PROCESSES THESE EVENTS INDEPENDENTLY — ZERO COUPLING TO THE PATIENT SERVICE. NEW CONSUMERS CAN BE ADDED WITHOUT TOUCHING THE PRODUCER.

gRPC BILLING INTEGRATION

BILLING ACCOUNT CREATION IS TRIGGERED SYNCHRONOUSLY VIA gRPC IMMEDIATELY AFTER PATIENT CREATION. PROTOBUF SCHEMAS DEFINE THE CONTRACT BETWEEN SERVICES — STRONGLY TYPED, VERSIONED, AND LANGUAGE-AGNOSTIC. THE BILLING SERVICE EXPOSES BOTH HTTP AND gRPC PORTS.

CONTAINERISED MONOREPO

ALL FIVE SERVICES LIVE IN A SINGLE MAVEN MONOREPO, EACH WITH ITS OWN DOCKERFILE. DOCKER COMPOSE ORCHESTRATES THE FULL SYSTEM LOCALLY — KAFKA, ZOOKEEPER, ALL SERVICE DBs, AND ALL SERVICES SPIN UP WITH ONE COMMAND. EACH SERVICE IS INDEPENDENTLY BUILDABLE AND DEPLOYABLE.

STACK:

JAVA 17 · SPRING BOOT 3 · gRPC · APACHE KAFKA · POSTGRESQL · DOCKER

PROTOBUF · SPRING SECURITY · JWT · SPRING DATA JPA · MAVEN

***