Executive Summary
Value-Based Care (VBC) has become the operating mandate for U.S. healthcare, yet execution stalls because clinical, claims, pharmacy and social-determinant data live in incompatible silos and arrive too late to change outcomes. The Medicare Shared Savings Program generated $2.48 billion in net savings across 480 ACOs serving 10.8 million beneficiaries in 2024, while CMS simultaneously penalized 42% of U.S. hospitals (2,273 facilities) under the Hospital Readmissions Reduction Program, redistributing $284 million in penalties. McKinsey estimates that scaled VBC could unlock $100 billion in annual savings; agentic AI is what makes that scale achievable.
This paper presents the joint Mastech Digital × Snowflake reference architecture for AI-driven VBC: a FHIR-native data foundation on the Snowflake AI Data Cloud, specialized care agents orchestrated through Snowflake Cortex Agents, ecosystem collaboration via Snowflake Marketplace and Data Clean Rooms, and end-to-end governance through Snowflake Horizon and Cortex Guard. The result is a measurable, auditable, production-grade pattern that converts VBC strategy into clinical and financial outcomes.
1. The VBC Execution Gap
Value-Based Care succeeds only when five operational frictions are eliminated: fragmented data across EHR, claims and pharmacy systems; reactive workflows driven by month-old dashboards; alert fatigue from context-free notifications; handoff failure during transitions of care; and one-size-fits-all protocols that ignore individual complexity. Each friction is a data architecture problem disguised as a clinical or financial problem.
Kaiser Permanente sustains readmission rates below 10% versus the 15–17% national average. Geisinger reduced readmissions by 44% through telemonitoring. Intermountain Healthcare documented over $90 million in savings across five years. The common pattern: longitudinal data, real-time signals and embedded decision support.
Why Snowflake is the Substrate for VBC
- Multimodal-by-default: a single governed surface for structured claims, semi-structured FHIR bundles, and unstructured clinical notes without ETL into separate stores.
- Compute-to-data: Cortex AI runs LLMs and ML next to the data, eliminating PHI egress, preserving HIPAA boundaries, and collapsing the AI supply chain into one perimeter. Cortex Guard filters PII from LLM outputs, ensuring LLM-generated content respects enterprise security policies so that agents cannot hallucinate exposure of protected health information.
- Interoperable by design: zero-copy data sharing, Snowflake Marketplace and Data Clean Rooms operationalize what FHIR and TEFCA standardize. Apache Iceberg as the underlying table format ensures data portability across external engines (Spark, Trino) via Polaris Catalog, preventing vendor lock-in.
- Governance-native: Horizon Catalog enforces RBAC/ABAC, dynamic masking, lineage and drift monitoring as platform primitives, not bolt-ons. Every Cortex Agent automatically inherits these policies: agents physically cannot perceive data that their human operators cannot access.
2. The Reference Architecture: End-to-End on Snowflake
The Mastech × Snowflake reference architecture is a six-layer stack designed for durability, compliance, and operational transparency. Each layer maps to a specific Snowflake capability, and each capability maps directly to a VBC outcome: MSSP shared-savings, HRRP penalty avoidance, HEDIS/Stars rating uplift, or risk-adjustment accuracy. The architecture is a first-class Snowflake service, eliminating the integration tax that defeated the previous generation of population-health platforms.
Figure 1: End-to-End Reference Architecture: AI-Driven VBC on the Snowflake
2.1 Layer-by-Layer Composition
The architecture adheres to three durability principles that apply uniformly across all layers:
- Immutable audit trails via Apache Iceberg: all data mutations are logged and recoverable for HIPAA/HITRUST audits.
- Automatic policy inheritance via Horizon Catalog: agents do not bypass governance; they inherit row-access and dynamic masking policies automatically.
- Operational observability via Model Registry + Cortex Evals + query logging with every decision traceable to source data and reasoning steps.
3. The FHIR-Native Data Foundation: Patient 360 on Iceberg
Every VBC outcome traces back to a prerequisite: a longitudinal, FHIR-coherent Patient 360 that joins claims, clinical, pharmacy, lab and social-determinant data. Snowflake supports this directly through native HL7/FHIR ingestion, the Apache Iceberg open lakehouse format, Document AI for unstructured content, and the Horizon Catalog for policy enforcement.
Patient 360 serves as the Master Data Management (MDM) governance hub for the entire VBC system. Every downstream analytics, agent decision, and compliance audit originates from or traces back to Patient 360. This hub enforces referential integrity across claims, clinical, and social dimensions, ensuring agents reason from a single source of truth.

Figure 2: FHIR-Native Data Foundation: Patient 360
3.1 Streaming Interoperability with Snowflake OpenFlow
OpenFlow is Snowflake's managed ingestion fabric, optimized for healthcare's heterogeneous feeds. Rather than nightly batch loads from data lakes, OpenFlow connectors pull HL7v2 ADT messages, FHIR R4 bundles, X12 837/835 EDI files, NCPDP pharmacy transactions and remote patient-monitoring telemetry into Snowflake in near real time. Schema-drift detection means a payer adding a new ICD-10 modifier or a vendor rotating a FHIR extension does not break downstream agents.
Note: OpenFlow provides connectors for major healthcare sources. Where OpenFlow-native connectors are unavailable (proprietary lab instruments, legacy claim systems), it is supplemented with Snowpark-based custom connectors or traditional cloud-based ETL tools to ensure complete interoperability without waiting for new connector development. This hybrid approach prevents ingestion delays while maintaining the schema-drift benefits of declarative pipelines.
3.2 The Bronze / Silver / Gold Iceberg Medallion
- Bronze: raw FHIR bundles, X12 transactions and HL7 messages preserved as immutable Iceberg tables for audit. All data in Bronze is queryable via external engines (Spark, Trino) through Polaris Catalog, enabling external data scientists to conduct compliance audits without data export. Immutability prevents accidental or malicious tampering with audit records.
- Silver: normalized to OMOP Common Data Model with referential integrity, terminology mapping (LOINC, SNOMED CT, RxNorm) and PHI tagging. PHI tagging via Cortex Guard enables row-level masking policies to be automatically applied downstream. Schema changes are detected and logged for lineage tracking.
- Gold: the Patient 360 Vault, HCC Risk Mart, Quality Measure Store and Attribution Roster denormalized for sub-second agent retrieval. All Gold tables are populated via Dynamic Tables, which incrementally refresh based on Silver table changes; no manual task orchestration is required.
Because these tables are Apache Iceberg-format, they are open, queryable from external engines, and never trapped in a proprietary file format, a critical concession to healthcare CIOs who demand data-portability guarantees.
3.3 Unstructured Clinical Content via Document AI
Roughly 80% of clinically meaningful information lives in unstructured PDFs, faxes and discharge summaries. Snowflake Document AI extracts entities and relationships from these artifacts at the point of ingestion and writes both vector embeddings and structured tuples into Iceberg. Cortex Search then provides vector-native retrieval for any agent that needs clinical context without a separate vector database. All retrievals include Iceberg row-level lineage, enabling agents to cite source documents in clinical briefs.
3.4 Governance and Operational Durability: Horizon Catalog + Cortex Guard + Observability
Governance in this architecture is layered and automatic:
- Horizon Catalog enforces row-access policies that filter beneficiaries by attribution roster, dynamic masking that redacts PHI based on requesting role, attribute-based access control for multi-tenant ACO scenarios, and end-to-end lineage that satisfies HIPAA, HITRUST and CMS audit obligations. Every Cortex Agent inherits these policies automatically so agents physically cannot see data their human operators cannot see.
- Cortex Guard filters personally identifiable information from LLM outputs. When Cortex Complete generates a clinical brief grounded by Cortex Search retrieval, Cortex Guard ensures no raw patient names, medical record numbers, or diagnoses leak into the LLM output—even if those values appear in the source documents. This second layer of governance protects against hallucination-induced PHI exposure.
- Operational Durability Ops integrates monitoring across four critical dimensions:
- Data Quality: continuous monitoring of Silver/Gold table freshness, row counts, and schema drift. SLAs for clinical data ingestion latency (e.g., ADT events within 30 seconds) are tracked and escalated.
- Cost Attribution: per-agent inference cost, model training cost, and query cost are tagged and reported. Care teams see the financial impact of their decisions.
- Lineage Compliance: every SMART on FHIR write-back, claims adjustment, and care-plan modification is traced to source FHIR bundles and query execution plans. Regulators can audit decision provenance.
- Agent Monitoring: ReAct reasoning loops are logged at each step—perception, reasoning, action, escalation. Hallucination detection flags LLM outputs that contradict patient records.
4. The Intelligence Layer: Snowflake Cortex AI for VBC
Snowflake Cortex AI is the differentiator that transforms a healthcare data warehouse into a healthcare reasoning engine. Cortex is not a single product but a managed family of services, each addressing a specific reasoning modality required by VBC operations. Services include:
- Cortex Complete: LLM inference for generating clinical briefs, care recommendations, and risk narratives.
- Cortex Search: Vector-native retrieval over clinical notes and FHIR documents, returning results with Iceberg row lineage.
- Cortex Analyst: Natural language interface to structured queries: a tool through which agents ask business questions and receive SQL execution plans and results.
- Cortex ML: Managed feature stores and model training for XGBoost, LightGBM, and custom Python models, with automatic drift detection.
- Model Registry: Versioning, bias testing across demographic strata, and A/B testing for champion-challenger model validation before production deployment.
5. The VBC Agent Mesh: Specialized Agents on Cortex
Agentic AI is the breakthrough that closes the VBC execution gap. Where prior population-health platforms produced static lists for humans to triage, agents perceive, reason, plan and act autonomously inside governed boundaries. The Mastech × Snowflake architecture deploys specialized agents, orchestrated through a hierarchical ReAct (Reason + Act) pattern that enables agents to learn from failures and adapt their reasoning strategies.
A master orchestrator routes incoming requests across the specialized agents via their custom tools, creating a hierarchical agent mesh that mirrors the organizational hierarchy of a real ACO. Agent communications flow through a message queue (Snowflake Streams), ensuring auditability. Every agent decision is logged with full context: goal, tool invocation, result, reasoning step, and policy enforcement outcome.
The key architectural insight: agents do not need explicit security checks in their logic. Because they operate on Secure Views and inherit Horizon row-access policies, they automatically perceive only the data they are permitted to access. This eliminates a common failure mode in multi-tenant systems: agents accidentally reasoning over cross-tenant beneficiary data.

Figure 3: VBC Agent Orchestration on Cortex
Risk Sentinel as a Worked Example
Risk Sentinel illustrates the full reasoning depth and governance loop of the architecture:
- Ingestion: An ADT discharge event arrives via OpenFlow and lands in an Iceberg Bronze table. Timestamp and source system are tagged.
- Feature Engineering: A Dynamic Table incrementally computes feature vectors (HCC suspect conditions, polypharmacy index, social-vulnerability score) using Snowpark Python UDFs. Feature computation is versioned in the Model Registry for explainability.
- Risk Scoring: A pre-registered XGBoost model in the Snowflake Model Registry scores readmission risk. Model lineage includes: training dataset version, feature set version, hyperparameters, and last-evaluated bias metrics across racial/ethnic groups.
- Clinical Grounding: For any patient above risk threshold, Cortex Complete generates a clinical brief grounded by Cortex Search retrieval over the patient's own longitudinal record (prior admissions, medications, lab trends). Cortex Guard filters the output to remove raw patient identifiers.
- Query Logging & Audit: The Cortex Agent logs the full ReAct reasoning trace: goal → tool selection → result inspection → escalation decision. Query execution plan and row-level lineage are stored in immutable audit tables.
- Policy Enforcement: Every query step is governed by Horizon row-access policies. If the on-call nurse querying Risk Sentinel outcomes is not in the 'Cardiology' role, Horizon automatically filters results to exclude patients outside the cardiology patient roster. This occurs at the database layer, not in application code.
- Governance & Escalation: If model drift is detected (prediction performance drops >5% on recent data), an automated alert triggers a human review step before agents continue. Similarly, if a query pattern suggests data exfiltration (unusual volume of exports), Cortex Guard logs the anomaly and escalates to compliance.
- Action & Routing: The Cortex Agent writes a SMART on FHIR intervention card back to the EHR, escalates a worklist item into a Streamlit Care Manager console, and posts a Slack/Teams alert to the on-call nurse. All actions include provenance: which model scored this patient, which records informed the decision.
End-to-end latency from discharge event to clinician action is within minutes. Every step is governed and recorded for audit: a healthcare professional can trace a readmission prevention intervention back through the ML model logic, feature computation, and source FHIR bundle.
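The roster-based row filtering and role-based PHI masking described in section 3.4 and in the Policy Enforcement step above can be expressed as Snowflake row-access and masking policies. The following is an added example, not code from Mastech or Snowflake; the database, schemas, tables, columns and role names are all hypothetical.

```sql
-- Added example. vbc_db, vbc_gov, vbc_gold, patient_360, attribution_roster
-- and every role name below are hypothetical placeholders.

-- Mapping table: which role is attributed to which beneficiary.
CREATE TABLE IF NOT EXISTS vbc_db.vbc_gov.attribution_roster (
    role_name       VARCHAR NOT NULL,
    beneficiary_id  VARCHAR NOT NULL
);

-- Row-access policy: a row is visible only when the caller's active role is
-- mapped to that beneficiary, or the caller is the compliance auditor.
CREATE OR REPLACE ROW ACCESS POLICY vbc_db.vbc_gov.roster_rap
AS (bene_id VARCHAR) RETURNS BOOLEAN ->
    CURRENT_ROLE() = 'COMPLIANCE_AUDITOR'
    OR EXISTS (
        SELECT 1
        FROM vbc_db.vbc_gov.attribution_roster r
        WHERE r.role_name = CURRENT_ROLE()
          AND r.beneficiary_id = bene_id
    );

-- Dynamic masking: the care team sees the raw MRN, the auditor sees a
-- stable hash that still supports joins, everyone else sees a fixed mask.
CREATE OR REPLACE MASKING POLICY vbc_db.vbc_gov.mrn_mask
AS (val STRING) RETURNS STRING ->
    CASE
        WHEN IS_ROLE_IN_SESSION('CARDIOLOGY_CARE_TEAM') THEN val
        WHEN CURRENT_ROLE() = 'COMPLIANCE_AUDITOR'      THEN SHA2(val)
        ELSE '***MASKED***'
    END;

-- Attach both policies to the Gold table the agents query.
ALTER TABLE vbc_db.vbc_gold.patient_360
    ADD ROW ACCESS POLICY vbc_db.vbc_gov.roster_rap ON (beneficiary_id);
ALTER TABLE vbc_db.vbc_gold.patient_360
    MODIFY COLUMN mrn SET MASKING POLICY vbc_db.vbc_gov.mrn_mask;

-- Check 1: confirm the policies are really attached to the table.
SELECT policy_name, policy_kind, ref_column_name
FROM TABLE(vbc_db.INFORMATION_SCHEMA.POLICY_REFERENCES(
        REF_ENTITY_NAME   => 'vbc_db.vbc_gold.patient_360',
        REF_ENTITY_DOMAIN => 'TABLE'));

-- Check 2: negative test. Run as a role that has no roster mapping and
-- compare the visible row count and MRN values with the care-team role.
USE ROLE ORTHO_CARE_TEAM;
SELECT COUNT(*) AS visible_rows, ANY_VALUE(mrn) AS sample_mrn
FROM vbc_db.vbc_gold.patient_360;
```

Both policies key on the session's role, so the role an agent's session runs under determines what it can read; run the negative test with that role rather than an administrator's.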

Figure 4: Risk Sentinel Agent Governance Loop
6. Ecosystem Collaboration: Marketplace, Clean Rooms, Native Apps
VBC is a multi-party game. Provider organizations, health plans, pharma, and public-health agencies must collaborate on overlapping populations without exchanging PHI. Snowflake's commercial architecture with Marketplace, Data Clean Rooms and Native Apps is uniquely suited to this constraint.
6.1 Snowflake Marketplace: The VBC Data Supply Chain
Curated reference datasets such as CMS public files, Datavant tokenized linkage, IQVIA and Komodo claims overlays, SDoH indices, and FDA NDC mappings are surfaced via Snowflake Marketplace as zero-copy data shares. Customers consume them as live Snowflake objects, eliminating multi-week ingestion projects and ensuring every agent reasons against the freshest reference data. The Mastech VBC Native App will package the entire multi-agent stack as a single installable Marketplace listing (agents, semantic models, Streamlit UIs, deployment scripts), giving enterprise customers the right to retain full data sovereignty.
6.2 Data Clean Rooms: Privacy-Preserving Joint Analytics
Where a payer and a provider must compute joint metrics (such as shared-savings settlement, attribution reconciliation, or network-leakage detection) without exposing PHI, Snowflake Data Clean Rooms enforce the contract. Both parties contribute encrypted views; differential privacy and aggregation thresholds enforce that no individual beneficiary can be re-identified; the agreed analytic runs inside the clean room and only the aggregate result leaves. This is the technical mechanism that makes downside-risk VBC contracts auditable without violating HIPAA's minimum-necessary rule.
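The aggregation-threshold idea can be shown with a Snowflake aggregation policy on a shared table. This is an added example, not the Data Clean Rooms product configuration or code from the paper; the object names, role name and the minimum group size of 11 are assumptions chosen for illustration.

```sql
-- Added example. vbc_db, vbc_gov, vbc_share, attributed_claims, the role
-- name and the threshold value are hypothetical.

-- Consumers may only run aggregate queries, and each returned group must
-- contain at least 11 rows. The data owner's admin role is exempt.
CREATE OR REPLACE AGGREGATION POLICY vbc_db.vbc_gov.min_cohort_agg
AS () RETURNS AGGREGATION_CONSTRAINT ->
    CASE
        WHEN CURRENT_ROLE() = 'DATA_OWNER_ADMIN'
            THEN NO_AGGREGATION_CONSTRAINT()
        ELSE AGGREGATION_CONSTRAINT(MIN_GROUP_SIZE => 11)
    END;

ALTER TABLE vbc_db.vbc_share.attributed_claims
    SET AGGREGATION POLICY vbc_db.vbc_gov.min_cohort_agg;

-- Permitted shape: a settlement-style rollup using COUNT and SUM.
SELECT contract_year,
       provider_tin,
       COUNT(*)         AS beneficiaries,
       SUM(paid_amount) AS total_paid
FROM vbc_db.vbc_share.attributed_claims
GROUP BY contract_year, provider_tin;

-- Not permitted for constrained roles: a row-level projection such as
--   SELECT beneficiary_id, paid_amount FROM vbc_db.vbc_share.attributed_claims;
-- Include a query of this shape in acceptance tests and confirm it fails.
```

A minimum group size alone does not stop a consumer from differencing two overlapping aggregates, which is why the passage pairs thresholds with differential privacy.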
6.3 Snowflake Native Apps: Distributed Agent Deployment
The Mastech VBC Native App enables a regional health system to deploy the entire agent mesh into its own Snowflake account in hours, not months. The application installs semantic models, Cortex Agent definitions, ML models, Streamlit apps and Snowpark Container Services (SPCS) backends for proprietary clinical algorithms, then binds to the customer's local Patient 360 without Mastech ever seeing a single PHI record. This compute-to-data deployment model is the answer to the SaaS-per-cohort sprawl that has plagued population-health vendors.
7. Governance, Trust and Measurable ROI
7.1 Trust as an Engineering Discipline
Healthcare cannot tolerate hallucinated AI. The architecture treats trust as a layered engineering concern, not a marketing claim. Every Cortex Agent answer is grounded by Cortex Search retrieval and traceable to the source row in Iceberg. Every model in the Snowflake Model Registry is versioned, drift-monitored, and bias-tested across demographic strata. Every action (SMART on FHIR write-back, claims adjustment, care-plan modification) is logged in immutable audit tables with full lineage. Horizon makes lineage a first-class object: a regulator can trace a denial letter back through the LLM call, through the retrieval set, through the patient record, to the original FHIR bundle in seconds.
Conclusion: The New Architecture is the strategy
As Value-Based Care matures, the central challenge shifts from vision to execution, with architecture serving as the critical determinant of scalable performance.
The Snowflake AI Data Cloud collapses the integration tax, Cortex AI collapses the AI supply chain, and agentic orchestration collapses the human coordination overhead that has prevented VBC from scaling. Healthcare organizations that treat AI as a feature will continue to run pilots. Healthcare organizations that treat AI as an architecture will run businesses that are measurable, auditable, and aligned with the outcomes that patients and payers actually pay for.
FAQs
Value-Based Care often stalls because the underlying data is fragmented across incompatible systems and arrives too late to influence patient outcomes. Clinical, payer, pharmacy, lab, and social data are frequently siloed, which limits timely risk detection, care coordination, quality improvement, and financial performance.
The FHIR-native data foundation is the core patient-centric data layer of the architecture. It creates a longitudinal, interoperable, and governed patient record by bringing together claims, clinical, pharmacy, lab, wearable, and SDOH data in a common framework that downstream analytics and agents can trust.
Patient 360 on Iceberg is the longitudinal master patient data foundation described in the article. It uses medallion-style data layers and Iceberg-based storage patterns to support portability, auditability, scale, and high-value downstream use cases such as risk stratification, care gap detection, quality analytics, and prior authorization evidence generation.
Cortex Agents act as specialized AI workers across functional domains such as provider operations, payer workflows, care management, quality, extraction, and search. They use governed data, retrieval, and tools to reason over healthcare information, draft actions, route tasks, and support operational decisions while staying within policy boundaries.
The VBC Agent Mesh is the article’s model for coordinating multiple specialized agents through an orchestrated structure. Instead of a single general-purpose bot, the architecture uses role-specific agents that mirror real healthcare workflows and organizational responsibilities, improving control, traceability, and usefulness.
It supports explainable AI through model registry lineage, feature versioning, governed data access, reasoning traces, and recorded provenance on actions. This makes it possible to trace interventions back to the data, feature computation, model, and policy context that informed them.
The article describes using document-aware AI capabilities to extract information from PDFs, faxes, and other unstructured clinical content, then connect those insights back into the patient record and searchable context for downstream AI and agent workflows.
Cortex Search helps ground AI outputs in the patient’s own longitudinal data and relevant enterprise context. This reduces unsupported responses and makes AI-generated summaries and recommendations more clinically useful, context-aware, and trustworthy.
This architecture is relevant to healthcare providers, ACOs, payer-provider partnerships, care management leaders, healthcare data platform teams, AI governance leaders, and executives responsible for quality, cost, and operational transformation.