We built this product from the ground up. To understand the healthcare center’s workflow, we analyzed all possible interactions among staff at the center, doctors and patients, and the document flow to make sure we reconstructed all connections in the digital space.

Our UX/UI team designed a unique interface for both patients and staff. We created more than 300 screens to fulfil all our user stories.

We developed a convenient system for managing visits that lets patients view their appointment history, set reminders, and chat with the doctor in charge.

We built an informative service that’s compliant with Data Protection Directive 1995/46/EC and e-Privacy Directive 2002/58/EC, making sure that healthcare data is encrypted at all stages.

For a project such as Nova Vita, performance and security are critical. Therefore, we used only trusted and secure technologies.
 

We created two big modules: Django and Node.js. Django is responsible for the main part of the site and app communication, authentication, user management, and file handling. The Node.js module is responsible for chats and notifications.

We used Amazon encrypted storage and secure, signed URLs for files. The service is based on Amazon S3 file storage, which is configured to store encrypted files. Even if stolen, these encrypted files can’t be read. They can only be accessed via a secure connection with a signed URL that has a limited access time.

The server architecture was designed to make the system fast, secure, stable, and scalable. We held a brainstorming session to define the best components for this project that would allow us to build the system according to all requirements.

A Django server provides the REST API for the website. It also manages files, user information, schedules, and appointments.

The frontend was made using SPA (Single-page application) technology. A React application handles client-side navigation and UI rendering. React brings us speedy interfaces and the development agility.

A Node.js server handles the WebSocket protocol and is responsible for chat and on-site notifications.

Redis ensures caching and communications between Django, Node, and Celery.

Celery performs all kinds of periodic activities: synchronizes with services such as Google Calendar, sends out reminders to users and doctors, communicates with the labs API, and more.

Whenever a user needs to be notified about something, Django puts a message in the Redis queue. Each message is processed with Node.js and statuses are updated in the main PostgreSQL database.

We implemented two-factor authentication with one-time passwords as the second factor. Users can’t register themselves, so the only way to get a password is to come to the clinic in person, provide personal information and documents, and have an administrator create an account.

For the first step of the login process, the user enters their login and the password they were given by the center. The password is temporary and must be changed by a user right after SMS code confirmation. When a user enters the right code they got in SMS, they can change the initial password.

All sensitive data in the database is encrypted so only certain individuals have access to it. All uploaded files are encrypted, stored, and transferred only to authorized users via a secure channel. A secure connection via HTTPS over TLS is used for all connections between the app and servers to ensure the privacy and integrity of transmitted data.

We used Twilio for SMS messages, Firebase for push notifications, and Amazon SES for emails. Notifications are stored in Amazon RDS based on PostgreSQL. We integrated Google Calendar to make it easier for users to see medical appointments alongside their other events. We also integrated Mailchimp for automated marketing emails.