Patient Management
Portable patient profiles, automated onboarding, and cross-clinic data isolation.
Portable Profiles
A patient's personal information — name, date of birth, allergies, chronic conditions, blood type, insurance, emergency contacts — belongs to the patient, not to any clinic.
When a patient registers at a new clinic on the platform, that clinic sees only their name. The patient must explicitly sign a profile-sharing consent before the clinic can access the rest. This consent is per-clinic: sharing with Clinic A does not share with Clinic B.
What each clinic can see
| Data | Visible to the clinic? |
|---|---|
| Patient name | Always — minimum needed for scheduling |
| Portable profile (date of birth, allergies, blood type, insurance) | Only after the patient signs the clinic's profile-sharing consent |
| Clinical records from another clinic (appointments, forms, reports) | Never — clinical records are completely isolated between clinics |
| Consent records from another clinic | Never — consent is recorded per clinic |
If a patient wants Clinic B to see records from Clinic A, they do it the traditional way: export or download from Clinic A and provide it to Clinic B themselves. The platform does not share records between clinics automatically.
Onboarding
When a patient books their first appointment at a clinic, the onboarding process handles everything automatically:
- Account creation — if the patient is new to the platform, an account is created from their booking details
- Clinic registration — the patient is linked to the clinic as a new patient
- Form generation — intake forms, consent forms, and any service-specific forms are created automatically based on the clinic's configuration
- Video room setup — if the appointment includes a video consultation, the room is set up and ready
The specialist can review all patient information and completed forms before the appointment begins.
Family members
Family members can book and manage care for others (children, elderly parents) without the dependent needing their own account. The primary account holder manages appointments and forms on their behalf.
Patient Segments
Clinics can create dynamic patient groups that update automatically based on rules. Combine any criteria to build targeted cohorts:
- Profile data — age, insurance type, chronic conditions
- Form responses — pain levels, satisfaction scores, specific answers
- Appointment history — frequency, no-shows, last visit date
- Treatment adherence — exercise completion rates, plan progress
Examples:
- "Patients over 65 with low treatment adherence"
- "New patients who haven't completed intake forms"
- "High pain patients with no appointments in the last 3 months"
Segments update automatically as patients fill forms, complete appointments, or change their profile. They can be used to drive targeted communications, automation triggers, and reporting.
Data Protection
- Patient records are never permanently deleted — soft deletion only, as required by healthcare regulations
- All access to patient data is logged in the audit trail
- Admins can impersonate patients for support purposes — every action during impersonation is logged separately and clearly marked
- Patient data is encrypted at rest — sensitive fields like phone numbers use application-level encryption on top of database encryption
For developers
Technical details — database schemas, API endpoints, onboarding flow implementation, impersonation mechanism, and segment rule engine — are available in the Patients feature spec and Segments feature spec.