Providing hospitals with a secure compliant messaging system
At a glance
Hospify is an NHS Apps Library approved healthcare system supporting teams and patients with a reliable, compliant and secure messaging system. By developing a reliable digital approach, our goal was to enhance communication among healthcare professionals while still ensuring security was the upmost importance. This project would allow fast communication between a range of healthcare professionals, making their jobs more efficient. During the pandemic this was especially important when close interaction was reduced and many staff and patients were in self-isolation.
Full Clarity were hired to design and build a serverless API, native OSX/Windows desktop messaging apps, and web-based administration and messaging applications to complement Hospify’s existing native mobile apps.
Project type
Sector
Technologies
Project length
The challenge
Hospify was borne out of a need to address the lack of compliant and secure messaging available to healthcare providers. Many healthcare professionals had turned to platforms such as WhatsApp for day to day communication, but this was far from perfect; at that time, WhatsApp was not end-to-end encrypted, and with a lack of transparency around how WhatsApp used data for advertising and targeting, it was a poor choice for transmitting sensitive healthcare data.
More than 500,000 NHS staff were using non-compliant consumer apps for communication at work before Hospify’s introduction, highlighting the significant demand for a compliant, secure messaging platform within the NHS.
Hospify identified an opportunity to provide healthcare practitioners with a system that complied with GDPR regulations through the creation of a messaging service which featured both end-to-end encryption and a decentralised messaging architecture.
A key requirement of the system was that messaging must be instant, and that it must be reliable, as failure of message sending can have serious consequences in a healthcare environment. It needed to meet stringent NHS data protection standards and regulations for secure communication between healthcare professionals and patients
The premium version, Hospify Hub, includes additional functionalities such as an online admin portal, broadcast messaging capabilities, and tools for creating branded communities within the larger Hospify directory, enhancing administrative control and communication reach.
Business Analysis & UX/UI Design
The business analysis and UX/UI design for Hospify focused on creating a secure, user-friendly communication platform tailored for healthcare professionals. This process began with documenting key user journeys to understand the specific needs and pain points of healthcare practitioners. The goal was to design an interface that combined the convenience of popular consumer messaging apps like WhatsApp and Facebook Messenger with the robust security features necessary for healthcare communication.
Comprehensive UX/UI designs were developed to ensure the platform was intuitive and easy to use, thereby minimising the learning curve for healthcare professionals. The design aimed to make the application accessible and familiar, ensuring that users could easily adopt it without compromising on data security. This involved creating a fast, simple, and efficient communication system that maintained compliance with stringent NHS data protection standards and GDPR regulations.
The design also incorporated features such as end-to-end encryption and a decentralised messaging architecture to ensure data privacy and security. By prioritizing user experience and security, the UX/UI design helped Hospify provide a reliable and compliant messaging service for the healthcare sector.
We mapped out user flows to create an intuitive experience mirroring the ease-of-use found in consumer apps, while ensuring compliance with stringent data protection standards.
Serverless Backend API
We developed a serverless backend API was a crucial component of Hospify’s infrastructure, designed to provide a highly scalable and secure environment for handling authentication, user accounts, and contact management. Utilizing AWS Lambda, the API was built to ensure robust performance and reliability, capable of managing a large number of concurrent users without compromising on speed or security.
This backend system included various services such as Node.js, Hapi, AWS Lambda, API Gateway, S3, and SQS, ensuring that the infrastructure could support real-time messaging requirements. The choice of a serverless architecture allowed for automatic scaling and reduced the operational burden, making it an efficient solution for handling the dynamic needs of a healthcare communication platform.
Security was a top priority, with the API undergoing rigorous penetration testing by a Lloyd’s Register company. The results showed very few issues, all of which were promptly addressed, demonstrating the best-practice approach to security. This backend setup ensured that Hospify could provide a reliable and secure messaging service, meeting the stringent data protection and privacy requirements of the healthcare industry.
Web-based admin panel
The web-based administration panel was designed to provide corporate customers with comprehensive control over their communication environment within Hospify. This self-service admin panel allowed administrators to manage users, broadcast messages, and create branded communities within the larger Hospify directory. These features enhanced administrative control and communication reach, making it easier for organizations to oversee and streamline their messaging operations.
The admin panel was built using Vue.js, ensuring a responsive and user-friendly interface that administrators could navigate with ease. It provided tools for managing user accounts, setting permissions, and monitoring communication activities, all while maintaining compliance with GDPR and NHS data protection standards.
By incorporating functionalities such as broadcast messaging capabilities, the administration panel enabled organisations to send important updates and announcements to large groups quickly and efficiently. This feature was particularly valuable in a healthcare setting, where timely communication is critical. The panel’s design emphasised ease of use, security, and efficiency, making it a valuable tool for healthcare administrators.
Desktop Messaging Client
The desktop messaging client for Hospify was developed as an Electron app, supported by a local SQL-lite database. This client mirrored the functionality of the Hospify mobile app, providing users with a seamless experience across different devices. The desktop client was designed to offer the same level of convenience, security, and compliance as the mobile version, ensuring that healthcare professionals could communicate securely from their desktops.
The choice of Electron allowed for a cross-platform solution that worked on both OSX and Windows operating systems. The local SQL-lite database ensured that messages and user data were securely stored, even in the event of network disruptions. This was crucial for maintaining the reliability and availability of the messaging service in a healthcare environment where communication failures could have serious consequences.
The desktop client was built to support real-time messaging, with features such as end-to-end encryption and decentralised data storage to protect user privacy and data security. By providing a robust and secure desktop messaging solution, Hospify ensured that healthcare professionals had a reliable tool for communication, regardless of the device they were using.
Messaging and Encryption API
The messaging and encryption API was a critical component of Hospify’s architecture, responsible for handling the storage of message data and ensuring its security through asymmetric encryption. This logically separated API and database setup ensured that message data was securely stored and transmitted, maintaining compliance with GDPR and NHS data protection standards.
The API was designed to provide robust encryption features, ensuring that all messages were end-to-end encrypted. This meant that only the intended recipients could decrypt and read the messages, protecting them from unauthorised access. The use of asymmetric encryption further enhanced security, making it extremely difficult for any third party to intercept and decipher the messages.
By incorporating advanced encryption techniques and a secure API, Hospify was able to provide a reliable and compliant messaging service. This API ensured that all communication within the platform was protected, maintaining the confidentiality and integrity of sensitive healthcare information. The secure handling of message data was a cornerstone of Hospify’s commitment to providing a trustworthy and compliant messaging solution for the healthcare sector.
Web-Based Messaging Client
The web-based messaging client was developed to provide corporate customers with an accessible and efficient way to handle large volumes of messages. This client allowed users to access their messages from any web browser, ensuring that they could communicate securely and conveniently from any device with internet access.
Built using Vue.js, the web-based client offered a responsive and user-friendly interface that mirrored the functionality of the mobile and desktop apps. It provided real-time messaging capabilities, ensuring that users could send and receive messages instantly. The client also incorporated robust security features, such as end-to-end encryption and decentralised data storage, to protect user privacy and data security.
The web-based client was designed to handle the specific needs of corporate customers, providing tools for managing user accounts, setting permissions, and monitoring communication activities. It also supported broadcast messaging, allowing administrators to send important updates and announcements to large groups quickly and efficiently. By offering a secure, compliant, and user-friendly web-based messaging solution, Hospify ensured that its platform could meet the diverse communication needs of healthcare organisations
The results
The Hospify project resulted in significant achievements: it became the first clinical messaging app approved by the NHS Apps Library, received a 5-star Clutch review, and is now used by over 100 hospitals and clinical sites. Full Clarity’s commitment to security, compliance, and user-friendly design contributed to its success, offering a reliable communication tool for healthcare professionals during the critical period of the pandemic. The collaboration highlighted Full Clarity’s ability to meet stringent deadlines and deliver high-quality solutions.
We thoroughly enjoyed our 3 years working with Hospify, here is some of our UX/UI work and below some of the impact of the work.
Full Clarity’s work is of the highest standard, they take direction and handle the unexpected really well. The team have gone the extra mile with us to hit key deadlines on several crucial occasions. I’d be very happy to recommend them to anyone… except for the fact that I don’t want to lose them to someone else!