Going to Production
A checklist for launching your PearMedica integration. Use this guide to ensure your deployment is secure, reliable, and clinically safe before going live.
API Keys & Security
Switch from sk_test_ to sk_live_ keys
CriticalStore API keys in environment variables — never in source code
CriticalUse separate API keys for staging and production
Enable key rotation schedule (quarterly recommended)
Restrict API calls to server-side only — never expose keys in client-side code
CriticalError Handling
Implement retry logic with exponential backoff for 429/500/503 errors
CriticalAdd circuit breaker pattern (stop calling after 5 consecutive failures)
Build a fallback UI for when the API is unavailable
CriticalLog all API errors with request context for debugging
Handle QUOTA_EXCEEDED (403) gracefully — show upgrade prompt
Monitoring & Observability
Poll GET /v1/health every 30 seconds to monitor API availability
CriticalTrack assessment latency (p50, p95, p99) in your monitoring stack
Set up alerts for error rate spikes (>1% of requests failing)
Monitor rate limit headers (X-RateLimit-Remaining) and alert at 80% utilisation
Review GET /v1/usage regularly to track quota consumption
Clinical Safety
Display the medical disclaimer on every assessment shown to patients
CriticalHandle "emergency" triage responses with immediate escalation to human staff
CriticalNever present AI assessments as definitive diagnoses
CriticalLog all emergency-level assessments for clinical audit
Test red flag scenarios (chest pain + shortness of breath) to verify emergency detection
CriticalSwitching from Test to Live
Verify in Sandbox
Ensure all integration tests pass using your sk_test_ key. Verify all edge cases: empty evidence, emergency patterns, rate limit handling.
Generate Production Key
Go to Dashboard → API Keys → Create New Key → Select "Production". Save the key securely — it is shown only once.
Update Environment Variables
Set PEARMEDICA_API_KEY=sk_live_your_key in your production environment. Never commit this to version control.
Deploy & Monitor
Deploy your application. Monitor the first 100 assessments for error rates, latency, and triage distribution. Check the Dashboard for real-time usage.
NDPA 2023 Compliance Note
If your application processes real patient data in Nigeria, ensure your setup complies with the Nigeria Data Protection Act 2023. PearMedica's MVP uses synthetic data on Supabase. Post-funding, production data will be migrated to Nigerian-hosted infrastructure. Contact us for guidance on compliance requirements.