Multi-Location Oral Surgery Patient App & Staff Portal
Designed and proposed a HIPAA-compliant native iOS and Android patient app with a full staff web portal for a 4-location, 10-provider oral surgery practice — covering appointment booking, post-op care, emergency triage, and a built-in CMS.
The Challenge
Bergen Oral & Maxillofacial Surgery operates four locations across Bergen County with over ten oral surgeons. Their patient scheduling relied entirely on phone calls, resulting in voicemail tag, 2-3 touchpoints per booking, and frustrated patients. Staff toggled between their PMS, phone systems, and paper to coordinate across locations. New patient intake involved faxed referrals and in-person paperwork. Post-op instructions were handed out on printed sheets that patients frequently lost. Emergency patients — a key revenue driver with same-day availability — had no fast path to reach the practice outside of calling. Meanwhile, the practice had 400+ blog posts on their website with no way to surface that content to patients at the point of care. They needed a unified digital experience for patients and a centralized command center for staff, all built on a HIPAA-compliant foundation.
Our Approach
We produced a comprehensive concept package: a 17-slide branded presentation deck with 23 high-fidelity UI mockups (14 patient screens across iOS and Android, 9 staff portal screens), a full system architecture diagram with HIPAA security mapping, discovery worksheets for the client meeting, and a detailed implementation plan.
The patient app features a 5-step smart booking flow, a multi-location selector with directions, document upload for referrals and insurance cards, a prominent emergency fast lane with a triage checklist, procedure-specific post-op instructions with timeline views, and a blog/education feed. The staff portal provides a multi-location dashboard, an appointment request queue, calendar views by provider, a built-in WYSIWYG blog CMS with app preview, and full settings management.
The architecture uses native Swift/SwiftUI for iOS and Kotlin/Jetpack Compose for Android, Next.js for the staff portal, a NestJS backend with a modular architecture, PostgreSQL with AES-256 encryption, S3 file storage, and Redis caching. The security design includes TLS 1.3, JWT authentication with MFA, role-based access control, full PHI audit trails, and BAA requirements mapped for all vendors.
Outcomes
- Delivered complete concept package with 17-slide presentation and 23 high-fidelity mockups
- Full HIPAA security architecture designed covering all 45 CFR 164 safeguard categories
- MVP scoped to 10-week timeline with clear Phase 2 roadmap
- Discovery worksheets prepared for 8 key decision areas
- Architecture supports 4 locations and 10+ providers with multi-tenant design
- Emergency fast lane feature designed to capture same-day appointment revenue