How to Integrate OpenAI for healthcare with AWS Lambda for production AI
OpenAI for healthcare plus AWS Lambda is a solid pattern when you need clinical-grade AI logic behind a serverless boundary. Lambda gives you the event-driven execution layer, while OpenAI handles language understanding, summarization, extraction, and triage logic for healthcare workflows like prior auth support, patient-message routing, and chart-note summarization.
Prerequisites
- •Python 3.11 installed locally
- •AWS account with:
- •an IAM role for Lambda
- •permission to write CloudWatch logs
- •permission to invoke Lambda
- •AWS CLI configured:
- •
aws configure
- •
- •An OpenAI API key stored as an environment variable or in AWS Secrets Manager
- •
boto3installed for AWS SDK access - •
openaiPython SDK installed - •A deployed Lambda function, or permission to create one
- •Basic familiarity with JSON event payloads in Lambda
Install the Python dependencies:
pip install openai boto3
Integration Steps
1. Create the OpenAI client and a Lambda-safe handler
In production, keep your Lambda handler small. Parse the event, call OpenAI, return JSON.
import os
import json
from openai import OpenAI
client = OpenAI(api_key=os.environ["OPENAI_API_KEY"])
def lambda_handler(event, context):
patient_message = event.get("message", "")
response = client.responses.create(
model="gpt-4.1-mini",
input=f"""
You are a healthcare assistant.
Summarize the following patient message into:
1. chief complaint
2. urgency level: low, medium, high
3. recommended next action
Message:
{patient_message}
"""
)
return {
"statusCode": 200,
"body": json.dumps({
"result": response.output_text
})
}
This uses the OpenAI responses.create() API, which is the right default for production agent workflows. Keep prompts deterministic and structured so downstream systems can parse them.
2. Package the Lambda function with environment variables
Set the OpenAI key as an environment variable in Lambda. Do not hardcode secrets in code.
import os
def get_config():
return {
"openai_api_key": os.environ["OPENAI_API_KEY"],
"region": os.environ.get("AWS_REGION", "us-east-1")
}
If you want stricter secret handling, pull from AWS Secrets Manager at runtime:
import json
import boto3
secrets_client = boto3.client("secretsmanager")
def load_openai_key(secret_id: str) -> str:
secret_value = secrets_client.get_secret_value(SecretId=secret_id)
secret_string = secret_value["SecretString"]
return json.loads(secret_string)["OPENAI_API_KEY"]
For healthcare workloads, Secrets Manager is usually the better choice because it centralizes rotation and access control.
3. Invoke OpenAI from Lambda with structured outputs
For production AI agents, don’t return free-form text only. Ask for structured output so your workflow can branch safely.
import os
import json
from openai import OpenAI
client = OpenAI(api_key=os.environ["OPENAI_API_KEY"])
def lambda_handler(event, context):
note = event["note"]
response = client.responses.create(
model="gpt-4.1-mini",
input=[
{
"role": "system",
"content": "You extract clinical entities from patient notes."
},
{
"role": "user",
"content": note
}
],
text={
"format": {
"type": "json_schema",
"name": "clinical_extraction",
"schema": {
"type": "object",
"properties": {
"symptoms": {"type": "array", "items": {"type": "string"}},
"medications_mentioned": {"type": "array", "items": {"type": "string"}},
"risk_level": {
"type": "string",
"enum": ["low", "medium", "high"]
}
},
"required": ["symptoms", "medications_mentioned", "risk_level"],
"additionalProperties": False
}
}
}
)
return {
"statusCode": 200,
"body": json.dumps({
"clinical_data": response.output_text
})
}
This pattern is easier to validate than parsing prose. In a real healthcare system, that means fewer brittle regexes and cleaner handoff to EHR or case-management services.
4. Call your Lambda function from another service using boto3
A common pattern is: API Gateway or Step Functions triggers Lambda, and Lambda calls OpenAI. If you need to invoke the function from another service or test harness, use boto3.client("lambda").invoke().
import json
import boto3
lambda_client = boto3.client("lambda", region_name="us-east-1")
payload = {
"message": (
"Patient reports chest tightness since last night and shortness of breath "
"after climbing stairs."
)
}
response = lambda_client.invoke(
FunctionName="healthcare-openai-agent",
InvocationType="RequestResponse",
Payload=json.dumps(payload).encode("utf-8")
)
result = json.loads(response["Payload"].read())
print(result["statusCode"])
print(result["body"])
This is useful for integration tests and orchestration flows. In production agent systems, Step Functions often sits above this layer to manage retries, timeouts, and escalation paths.
5. Add logging and failure handling for production use
Healthcare systems need traceability. Log request IDs, sanitize PHI where possible, and fail closed when the model call fails.
import os
import json
import logging
from openai import OpenAI
logger = logging.getLogger()
logger.setLevel(logging.INFO)
client = OpenAI(api_key=os.environ["OPENAI_API_KEY"])
def lambda_handler(event, context):
try:
request_id = context.aws_request_id if context else "unknown"
logger.info("request_id=%s event_received=%s", request_id, list(event.keys()))
response = client.responses.create(
model="gpt-4.1-mini",
input=event["message"]
)
return {
"statusCode": 200,
"body": json.dumps({
"request_id": request_id,
"output": response.output_text
})
}
except Exception as exc:
logger.exception("Lambda processing failed")
return {
"statusCode": 500,
"body": json.dumps({
"error": str(exc)
})
}
Keep logs minimal if they may contain PHI or other sensitive data. In regulated environments, route audit events separately from application logs.
Testing the Integration
Use a local Python script to invoke the deployed Lambda and verify the model output comes back correctly.
import json
import boto3
client = boto3.client("lambda", region_name="us-east-1")
test_event = {
"message": (
"The patient has a fever of 102F, persistent cough for 5 days, "
"'and mild fatigue."
)
}
response = client.invoke(
FunctionName="healthcare-openai-agent",
InvocationType="RequestResponse",
Payload=json.dumps(test_event).encode("utf-8")
)
payload = json.loads(response["Payload"].read())
print(payload["statusCode"])
print(payload["body"])
Expected output:
{
"statusCode": 200,
"body": "{\"result\": \"...\"}"
}
If you used structured output, expect JSON inside body, something like:
{
"\"clinical_data\"":
"{\"symptoms\":[\"fever\",\"cough\",\"fatigue\"],\"medications_mentioned\":[],\"risk_level\":\"medium\"}"
}
Real-World Use Cases
- •Patient intake triage
- •Classify incoming messages by urgency and route high-risk cases to nurses or on-call clinicians.
- •Prior authorization support
- •Extract diagnosis codes, symptoms, and treatment history from notes to draft payer-facing summaries.
- •Clinical note summarization
- •Turn long visit transcripts into concise summaries for chart review or care coordination.
The clean architecture here is simple: AWS Lambda handles execution boundaries and operational controls; OpenAI handles language tasks; your surrounding workflow enforces policy, validation, and escalation. That’s the shape you want when building production AI in healthcare.
Keep learning
- •The complete AI Agents Roadmap — my full 8-step breakdown
- •Free: The AI Agent Starter Kit — PDF checklist + starter code
- •Work with me — I build AI for banks and insurance companies
By Cyprian Aarons, AI Consultant at Topiax.
Want the complete 8-step roadmap?
Grab the free AI Agent Starter Kit — architecture templates, compliance checklists, and a 7-email deep-dive course.
Get the Starter Kit