Heart Care Plus (HCP), a leading healthcare provider, envisioned enhancing patient care by creating a new patient portal. Seeking to move beyond the limitations of their current 3rd-party software service, HCP partnered with Provisio to develop a custom solution that would address their long-term needs, enhance patient access, and provide a superior return on investment (ROI).
Their Needs
In this initial phase, the primary focus was on document management and secure patient access. The project aimed to lay the foundation for future enhancements, ensuring scalability and adaptability. The key objectives were:
Provide HCP staff with a secure method to share documents with patients.
- Furnish HCP patients with a secure, HIPAA-compliant platform for viewing medical information.
- Implement HIPAA-compliant messaging for encrypted and secure communication.
- Enable email notifications to patients and client-specified addresses upon message creation.
- Allow patients to view a list of all messages sent and received, with access limited to their associated messages.
- Provide HCP staff with comprehensive access to view all messages within the portal.
- Programmatically import PDF files, associating them with patients and predefined categories.
Our Solution
In addressing HCP's diverse needs, the patient portal we delivered encompassed the following features:
Web-Based Portal: The solution comprised a secure web-based portal that was hosted in a container-based infrastructure, ensuring optimal security and efficiency.
User Access Framework: We implemented a robust user access framework that allowed varying permissions based on the roles of both HCP staff and patients.
Document Management System: Our solution seamlessly integrated a document management system, empowering HCP staff to securely upload, manage, and share documents.
Configurable Security Settings: We successfully implemented configurable security settings, including two-factor authentication, ensuring strict HIPAA compliance.
Administrative Functions: The delivered portal featured comprehensive administrative functions for authorized HCP staff, enabling the seamless creation, management, and maintenance of patient accounts.
HIPAA-Compliant Messaging: Our solution included encrypted messaging, both in transit and at rest, facilitating secure communication between HCP staff and patients.
Email Notifications: Automated email notifications were set up to inform patients and client-specified addresses upon the creation of messages, promoting efficient communication.
Message Archive: Patients could access a comprehensive list of all messages sent and received, with restricted access limited to messages associated with the respective patient.
Comprehensive Staff Access: HCP staff enjoyed complete visibility, being able to view all messages within the portal, thus ensuring efficient communication management.
Programmatic PDF Import: We implemented a programmatic approach for importing PDF files, associating them with patients and predefined categories, streamlining document organization.
Secure Email Notifications: Our approach ensured that email notifications were designed not to contain message content but rather to provide a secure link to the portal's message area.
Privacy Compliance: Messages were mandated to be created within the portal, aligning seamlessly with stringent privacy requirements and ensuring HIPAA compliance.
Manual Import Contingency: A robust contingency plan was established for the manual import of files with anomalies in naming conventions, ensuring seamless data integration.