Helix Health
Multi-clinic specialty group · 6 locations
HIPAA-ready intake — threat model in week one, code in week two
Replace clipboard intake with a 7-minute, accessible, HIPAA-ready web flow.
A growing multi-location specialty clinic was losing 20+ minutes per patient at the front desk to a paper intake packet that then had to be re-keyed into the EHR. We built a phone-first web intake that the patient completes before arriving, signed-on-screen, and that pushes structured data into the clinic's EHR via a vetted integration partner.
New · Healthcare · HIPAA
Sample mockup · illustrative only
- Industry: Healthcare
- Timeline: 6 weeks
- Team: 4
- Service: Web + Cybersecurity
- Project tier: Web App MVP / $19,995 + Security audit / $4,995
The Problem
What was broken.
Patient throughput was capped by front-desk time. The existing intake was a 14-page PDF that arrived stapled in a folder. About one third of patients filled it out incorrectly, requiring another round of clarifying questions. The clinic's compliance officer had a list of 23 things she wanted on a digital intake (auditable consent, IP/timestamp logging, BAA-covered hosting, breach notification flows) — and zero patience for a vendor that handwaved them.
Our Approach
How we framed it.
We started by reading the compliance officer's list and writing a one-page security threat model with her. Architecture: Next.js front-end, Postgres encrypted at rest, all PHI fields encrypted at the column level with KMS-managed keys, Auth0 for patient identity (Twilio second factor for unauthenticated entry), Cloudflare WAF + rate limits, Sentry with PII scrubbing rules audited line-by-line. The intake form is an XState-driven flow that branches on patient responses. Every consent signature is stamped with the IP, user-agent, and a SHA of the form schema at the time of signing.
Capability proof
What this case demonstrates.
This case makes the hidden work visible: strategy, architecture, delivery control, quality evidence, and handoff.
01 / Product judgment
Problem framed before UI
02 / Technical depth
8 stack decisions
Next.js 15, Postgres, Auth0, AWS KMS, Twilio (verification), S3 (encrypted at rest)
03 / Delivery discipline
6 delivery checkpoints
Threat model + compliance walk-through / Schema + branching flow / Build + KMS + audit log
04 / Handoff quality
6 shipped artifacts
Patient-facing intake at intake.helixhealth.example (white-labeled) / Compliance officer dashboard with full audit log + export-to-CSV / Front-desk view: live list of completed-but-not-checked-in patients
Production artifacts
Inspect the work behind the visible result.
Each case exposes the surfaces, systems, evidence, and handoff package that make the shipped product usable after launch.
Experience layer
Buyer or user surface
Self-serve intake portal with HIPAA-aware fields, allergy autocomplete, and audit log. Nurses spot-review.
Proof 01
Replace clipboard intake with a 7-minute, accessible, HIPAA-ready web flow.
Proof 02
Sat with the clinic compliance officer for two half-days. Wrote a STRIDE-style threat model and got her...
Proof 03
Compliance officer dashboard with full audit log + export-to-CSV
Production signals
Observable
Errors, logs, alerts, or dashboards included.
Accessible
Accessibility treated as a shipping requirement.
Risk-aware
Security and compliance boundaries named.
Release-ready
Deployment or store-release path included.
Before / after · product UI mockup
Industry · Healthcare
Before: Patients filled a 9-page paper form on arrival; intake nurse re-typed it into 4 systems.
After: Self-serve intake portal with HIPAA-aware fields, allergy autocomplete, and audit log. Nurses spot-review.
How the engagement ran.
- 01 · Day 1-3
Threat model + compliance walk-through
Sat with the clinic compliance officer for two half-days. Wrote a STRIDE-style threat model and got her sign-off before writing any code.
- 02 · Week 1
Schema + branching flow
Modeled intake as an XState machine. Walked the clinic intake nurse through every branch on a whiteboard.
- 03 · Week 2-3
Build + KMS + audit log
Implemented column-level encryption, Auth0 + Twilio passwordless, append-only audit log table.
- 04 · Week 4
EHR push integration
Built an HL7/FHIR-shaped payload to the clinic's EHR partner. Mocked first, then certified through the partner's sandbox.
- 05 · Week 5
Accessibility + soak test
Axe-core + manual screen-reader testing. Loaded the staging environment with 200 fake intake submissions to look for race conditions.
- 06 · Week 6
Pilot launch + monitoring
Soft-launch at one clinic. Sentry + custom metric dashboard. On-call for the first 10 days.
Deliverables
What we shipped.
- ✓ Patient-facing intake at intake.helixhealth.example (white-labeled)
- ✓ Compliance officer dashboard with full audit log + export-to-CSV
- ✓ Front-desk view: live list of completed-but-not-checked-in patients
- ✓ EHR push integration via HL7/FHIR partner
- ✓ Encrypted-at-rest Postgres with KMS-managed column encryption
- ✓ Runbook for breach notification, key rotation, and on-call escalation
Outcomes.
Engagement targets
- Goal: cut average intake time from ~22 min to under 7 min
- Goal: reduce front-desk re-keying time to near zero
- Plan: compliance officer's 23-item checklist signed off line-by-line
- Plan: auditable consent log: every signature stamped with IP + form-schema hash
- Plan: mobile-first: tested on a 5-year-old Android in airplane mode + LTE
- Plan: WCAG 2.2 AA pass on every form step
Honest challenges
What we got wrong (or almost wrong).
The pretty version of any case study skips this part. We don't.
- 01
Auth0 second-factor flow had to work for patients without smartphones — added a fallback magic-link delivered via SMS through Twilio.
- 02
EHR integration partner's sandbox returned different field names than production. Caught it in pilot week, hot-fixed in a day.
- 03
WCAG audit caught an issue with our progress indicator — refactored to use real list semantics instead of presentational divs.
In our own words
Threat modelling with the compliance officer in week one is the whole game. By the time we wrote the first line of code, every encryption boundary, every audit row and every consent surface had a name and an owner — the engineering after that is the easy part.
From the Hayaiti team
Engineering · design · security
Technical blueprint
How the work holds together.
Buyers should see that the visual layer is backed by architecture, quality gates, and operational ownership.
Blueprint sections: Experience · Application · Data · Operations · Security · Stack used (8 technologies)
Related
Other cases like this.
Northwind Studios
Onboarding rebuild · Series A SaaS
Cut signup-to-aha-moment from 9 minutes to under 90 seconds.
DTC E-commerce · Aperture Goods
Shopify Hydrogen replatform
Move a slow, theme-bloated Shopify storefront to a fast Hydrogen build.
Climate / ESG · Sentinel Operating
Scope 1-2-3 emissions dashboard
Produce defensible Scope 1-2-3 emissions reports without an army of consultants.
Want a case study like this?
Want this level of production quality on your project?
Send a short brief and we'll reply with scope, timeline, price direction, and the first technical recommendation.