CASE STUDY
HIPAA Compliant Women’s Health Teleconsultation Platform
Overview
Our USA-based client offers a range of healthcare services. The client approached Xponentium to build a comprehensive women’s health platform offering digital care and telemedicine services to patients anywhere, anytime.
Problem Statement
Together with the client, Xponentium’s team conducted multiple workshops and came up with the following requirements aimed at seamless interactions between the ecosystem players:
- Appointment booking module with a robust process flow ensuring no double booking
- Chat-based support in which expert physicians answer patients’ queries
- Payment gateway integration offering patients multiple payment options to pay consultation fees
- Ensuring HIPAA compliance across the platform to protect the privacy, security and integrity of Protected Health Information (PHI)
OUR SOLUTION
Working closely with the client, Xponentium’s team detailed the broad requirements provided and built a solution with the following major functionalities:
- Patient portal: Dashboard displaying appointments, dates and questionnaire headers. Feature to schedule the selected appointment, including an update to the physician calendar and notification of the new appointment to the physician. Patients can register their insurance details in the portal, which helps in deducting 25-30% of the consultation fee to be paid during the telehealth visit. Real-time chat between patient and provider before and after the appointment.
- Physician portal: Ability for a physician to create and maintain a calendar of their calls. Ability to cancel or reschedule appointments. Ability for a physician to create and maintain a calendar to avoid double bookings.
- Admin portal: Ability to have an overview of and manage the whole ecosystem, including appointments, physician registration, etc.
- Telehealth consultation: Patient and physician telehealth consultation using Twilio's video calling feature.
Xponentium Impact
- Our solution passed the HIPAA audit without any hiccups. We followed best practices to ensure HIPAA compliance.
- Sensitive patient data such as personal information, appointments and insurance details was encrypted, ensuring security both during data transmission and in storage.
- Health data and personal identifiers were not stored on local computers or mobile devices.
- Data is maintained in a patient-centric database.
- All data is stored at the transaction level, maintaining all history for a particular patient.
Technologies
Node.js
React
MySQL
AWS Cloud
Twilio
Stripe