The following pages/experiences provide an overview of the key elements making up the PEDS solution experience. It is not intended to be a final specification but is intended to provide further context on solution details to assist with solution provider budget and capability assessments.

Mobile App Interactions - Subscriber

The following pages provide an initial inventory of the subscriber (patient/parent) mobile app interactions. Full IA, UX, and UI creative design will be conducted during MVP to finalize the full experience. The list provided here sets the initial context that can be used for estimation purposes.

Install Mobile App

The subscriber (patient/parent or caregiver) will browse the Google Play or Apple App store for the PEDS mobile app. This app will be installed on the mobile devices of the patient and parent or, in the case of very young pediatric patients who do not have a device, on the parent/caregiver's device only. Family sharing should be enabled to share new PEDS subscriptions with family members.

User Registration

A user registration process will be developed to create users based on type: patient or parent/caregiver. Each user will have a unique user account with an enforced strong password. Logins will support 2FA for required security.

Setup Profiles

Unique profiles will be created for the patient and the parent/caregiver and will contain demographic information including:

  • Account type: Patient (child, age 0 - 18)
  • Account type: Parent/Guardian (caregiver of child patient)

For each account type: 

  • Enter demographics including name, DOB, age, address, phone number, email address, sex, gender, personal health care number
  • Users will have the option to create a custom avatar

Additional information could be captured for statistical purposes which can be determined during prototype development and upon review with legal and PHIA privacy/risk experts to ensure the privacy of user information.

Integrate Wearable Devices

The user will have the option to pair and integrate their wearable health device with the PEDS mobile app. The exact initialization process will depend upon the hardware (iOS device, Android device). In general, this process will establish a communication connection between the wearable device and the mobile app.

Search Curated Information

The PEDS app will allow the user to search a database of medical information using key search terms, and filtering on specific criteria to refine the results. The information results could be academic articles, text, videos or pictures. The source of medical information, articles and video content will be a combination of purchased and proprietary content.

The PEDS app will use AI to sort search results, classify medical issues and present age-appropriate content based on the age demographics set up in the user's profile. All medical information displayed to the user will be curated through search patterns, will be age-appropriate, and will be easily understood by the user's age group. Users will fall into one of three categories (parent, child or young adult) based on the demographic information entered in their profile during setup.

Parents/guardians get adult-based content, including academic articles, to avoid turning to Google and getting non-credible data and information.

Children get very simplified information in the form of simulated conversations, text, videos, and pictures to ensure they have a general idea of what is happening without overloading them and stressing them out.

Young adult content provides more detail but is still simple and easy to comprehend through videos and infographics. Young adults have the option to read more detailed content such as academic articles if they wish.

The search box and button will be represented in the app by the magnifying glass icon, which is a universal symbol for searching and is easily identifiable. The search feature will include a prompt to show users what they can search for through the use of hint text, and will use the auto-suggest mechanism to help formulate a search query, reducing keystrokes and helping by suggesting more accurate terms to enable the users’ search process.

Journal

Patients and parents/caregivers can both use the journal feature of the mobile app to track notes and progress and to write down questions and concerns they want to share with their healthcare provider. Journal entries consist of a title and a note section and will be displayed chronologically to the user in the app. Users can forward notes and questions from the journal to their healthcare provider through the app. Forwarded journal entries will feature the user avatar of the sender beside the journal entry title to clearly show who sent the information.

Send/Receive communications

Users will be able to send and receive secure and confidential messages with their physician or healthcare provider through the app. Messages will be encrypted end-to-end to ensure compliance with personal healthcare information legislation and prevent anyone other than the sender and recipient from monitoring the conversation. This secure communication feature allows the physician to correspond with the patient or their caregiver directly, by integrating the healthcare mobile app with the doctor's web-based software platform. The user will be able to send a new message with a title and description, select the healthcare provider either from a dropdown list or through a search of available providers, and invite the provider by email. Messages will feature the user avatar of the sender beside the message to clearly show who sent the information.

Send Device Data

The PEDS app will have access to specific medical information, including steps, calorie burn, BP, HR, BO2, etc. Users will have the option to select which specific information they want to share, or they can choose to send all listed data via sync. Further analysis needs to be done during the project to confirm which personal health information will be sent from the wearable device to the apps.

View subscription billing history

Users will have the option to view their subscription billing history, including subscription type, start date, auto-renew date, payment method, payment status.

Manage my account credentials

Users will have self-managed password reset and lost password recovery options through the app.

Manage my profile details

Profile details can be updated, edited and changed for each user, including demographic information, personal information, and custom avatars.

Manage my preferences

Communication preferences, including phone, email, SMS text, in-app push notifications and reminders, can be configured and managed within the app.

Help / FAQ

The user will have the ability to view help and FAQ style information within the mobile app, and if they have further issues or questions, they can submit a support request through the app. This support ticket will go to the Site Admin/Customer Support team for resolution.

Contact

Provide contact information for PEDS including phone, email, and a message submission form.

Web App Experience

The healthcare provider solution consists of a web-based, subscription-based SaaS application that has secure login with 2FA and a unique user account for each user, and also supports multiple user accounts for one medical clinic under one subscription. The monthly subscription can be purchased through a secure online payment gateway.

Web App - Public

Main landing page (non-logged in)
This is the primary public entry point into PEDS for all types of users. Users will travel to this experience via marketing (digital and non-digital). This page will provide users with an overview of the solution and provide a call-to-action for Consumers to download the application or sign up for the web app subscription. Most of the content on the landing page will be geared towards flowing Consumers (buyers) into the experience.

Marketing landing pages (non-logged in)
A set of bespoke web marketing experiences will be created to attract subscribers and providers into the experience. A CMS solution will need to be utilized to empower PEDS marketing to independently create and manage these experiences. It is expected the provider will suggest 3rd party solutions supporting this capability set.

Patients/Caregivers (non-logged in)
Allows subscribers and providers to view a creative representation of how PEDS works for patient/parent subscribers, from registering an account, filling out a profile and entering details to downloading the mobile application.

Healthcare Providers (providers/clinics) (non-logged in)
Allows healthcare providers and clinics to view a creative representation of how PEDS works through the subscription-based web app, including outlining features, profile setup, clinic setup, and subscription information.

Subscription pricing (non-logged in)
Displays information on the subscription types and pricing of various plans, including billing interval information, features of each plan, benefits of the PEDS system and a call to action to create an account, subscribe or download the mobile app.

Contact (non-logged in)
The contact page clearly displays contact information for PEDS including phone, email, social media links, a newsletter sign-up form and a message submission form. All forms will use reCaptcha.

FAQ (non-logged in)
Provides an overview of frequently asked questions on getting started with PEDS, account security, how it keeps personal information secure, pricing and subscription models, and other questions about the web and mobile apps.

Privacy Policy (non-logged in)
Outlines the privacy policy of the PEDS application including personal information collection, storage, disposal, international data transfer, security safeguards, cookies and technology usage, data retention, changes to the policy and a way to contact PEDS.

Terms and Conditions (non-logged in)
Standard terms and conditions for usage of the site and app, including subscription, free trials, fees, refunds, accounts, acceptable usage, intellectual property, links to other sites, termination, limitations of liability, disclaimer and non-waiver of rights, exclusions, governing law, changes, and a way to contact PEDS.

Disclaimers (non-logged in)
Standard disclaimers for information, links to external sites and other errors or omissions.

Desktop Experience - Private

Registration | Log-in (non-logged in)
Registration will prompt the user for an email address and a strong password and will set up 2FA. This experience will need to be separated based on the types of Users, as each user type has a different registration and administrative experience. There will be registration forms for clinic staff and healthcare providers that will create the corresponding user account in the back end. All forms will use reCaptcha.
Users will need to log into the administration / authenticated experience. All subsequent logins will support 2FA for required security. All forms will use reCaptcha.

Healthcare Provider hub (logged in)
This experience serves as the central hub for Healthcare Providers once they have logged into the site to access the following:
  • Create and update Provider account
  • Manage my account credentials/settings
  • Clinic setup and information
  • Create new patient (either through bulk upload or individual patient profile creation)
  • Search patients / caregivers
  • Link patients/caregivers
  • Edit and modify patients / caregivers
  • Review patient information (integrated wearable)
  • Send and receive secure communications
  • View help information and send support ticket request

Clinic Staff hub (logged in)
This experience serves as the central hub for Clinic Staff once they have logged into the site to access the following:
  • Create and update clinic staff accounts
  • Manage my account credentials/settings
  • Clinic setup and information
  • Create new patient (either through bulk upload or individual patient profile creation)
  • Search patients / caregivers
  • Link patients/caregivers
  • Edit and modify patients / caregivers
  • Run PHIA audit reports
  • View help information and send support ticket request

All browser-based experiences will need to be responsive and utilize modern web application technology stacks. To support growth and extensibility of the solution, an API-centric approach should be used via a modern technology stack for data transfer and communication of data between any wearable health device, the PEDS mobile app, and the web application. Access to the algorithms should be via APIs, which enable extensibility and versioning as the solution evolves.

Payment Processing

Real-time integration into a selected payment provider is required to support card on file and payment processing for reservations. Robust reporting, monitoring, card-on-file, and account management functions are all required to ensure PEDS can receive, manage and respond to payment events. A suggested provider is Stripe, but alternate options can be evaluated.

Security Management

PEDS will be managing sensitive data (personally identifiable, payment, and personal medical records). As such, robust encryption and hashing will need to be selectively used to ensure data is always protected. In addition, PHIA and HIPAA level compliant logging and audit management will be required and will be further defined during the project execution. Security by design must be integrated into the architectures from the ground up to ensure application and infrastructure solutions are secure. To establish a level of trust, all Canadian medical records and data must be maintained in Canadian data centers and on Canadian servers. Data must be encrypted in transit and at rest, and data loss prevention and protection measures must be in place with continuous backups across multiple servers in multiple locations.

RoUA Logging

Record of User Activity (RoUA) level logging is required under PHIA and HIPAA legislation, and requires extensive user activity logs and transaction timelines, logged by userID and IP for full transparency, visibility and control. RoUA also includes logging of Site Administrator and Support accounts, to monitor changes and security updates made by any admin or support users. There must be the ability to create audit records of user activity for random audits or focused audits by Site Admin with knowledge of access levels and purposes of user roles. RoUA logs must be maintained by PEDS for at least 3 years.

Disposal of PHI

Proper disposal of PHI is required under PHIA and HIPAA legislation, and there must be an internal process for destruction of electronic records and files in a way that the information cannot be recovered.

Patient PHI Requests

Patients and clients have the right under PHIA and HIPAA to request access to their personal health information which is maintained and stored in the PEDS application. PEDS must have extensive export options to export client information out of the system, including but not limited to medical records, notes from the client profile, all financial and client demographic data, and exports of all secure messages.

Two-Factor Authentication

All users will be required to utilize two-factor authentication for secure logins. Integration with a third-party provider will be required. A suggested provider is Twilio, but alternate options can be evaluated.

Push Notifications

To support operational and marketing communications, integration with a third-party push notification provider will be required. The full list of push notifications will be designed during the project for both mobile app and web. A suggested provider is Twilio, but alternate options can be evaluated.

Email Management

To support operational and marketing communications, integration with a third-party email provider will be required. The full list of emails will be designed during MVP. Emails are expected to be triggered on-demand, scheduled, and via batch executions. A suggested provider is Sendgrid, but alternate options can be evaluated. The initial set of emails to support is as follows:
  • Subscriber: Registration – Confirm email
  • Subscriber: Forgot Password
  • Subscriber: Healthcare Communication to be reviewed
  • Subscriber: Profile Updated
  • Subscriber: Subscription Changed
  • Healthcare: Registration – Confirm email
  • Healthcare: Forgot Password
  • Healthcare: Patient Communication to be reviewed
  • Healthcare: Profile Updated
  • Healthcare: Subscription Changed
  • Admin/Support: Registration – Confirm email
  • Admin/Support: Forgot Password

Scalable Architecture

The focus during development should be extended to ensure the underlying data architecture is robust and scalable for future needs as the application looks to add functionality in future releases. While the pilot focus will be on key core flows, future business needs extend into the creation of patient scheduling, medical charting and eventually, integration with Electronic Medical Records (EMRs) and Electronic Patient Records (EPRs). The base level application designed for the pilot should take all future development and expansion into consideration to allow for future growth.

Infrastructure Management

The PEDS solution will need to be hosted on PCI-certified, Canadian-hosted infrastructure with the ability to efficiently scale for future needs. Further projections on infrastructure needs will be assessed during the build and will be contingent on the technology stack selected and the application architecture. Canadian medical records and data must be maintained in Canadian data centers and on Canadian servers.