PatientPortal
A front door to the clinic on every phone
A patient-side portal for intake forms, appointments, and secure messaging. Built with HIPAA-minded defaults, multilingual from day one, and designed for the phone before the desktop.
- Mobile First, by design
- PHI-less Device cache, by default
- All Languages AIM supports, RTL-aware
PatientPortal is the front door patients actually use. They sign in with strong authentication, fill the intake form at their own pace, see upcoming and past appointments, and message the clinic through a secure inbox — all from a phone, all in their own language.
Privacy-sensitive defaults are baked in: no cached PHI on the device, short session timeouts, and no content rendered over insecure channels. The portal is the surface; the real data lives in PHIVault, read only when needed.
Everything PatientPortal handles for you
-
Intake at own pace
Forms can be started, paused, and resumed — no "session expired" mid-way through.
-
Secure messaging
Every patient-clinician message flows through a PHI-aware inbox, not a generic chat.
-
Mobile-first UI
Designed for a patient on a phone, with large tap targets and minimal cognitive load.
-
Multilingual
Every language the clinic serves, with proper RTL where needed — one codebase.
How PatientPortal plugs into the clinic stack
PatientPortal is a surface. Identity comes from AuthGate, data from the PHI vault, workflows from the clinician queue.
- AuthGate handles sign-in with strong-auth and hands a session the portal trusts.
- PHIVault stores the intake and messaging data — the portal holds no PHI on its own.
- SecureInbox powers the messaging surface with PHI-aware audit logs.
- ClinicianQueue receives new intake and message events from the portal.
Wire PatientPortal into your product today
Book a consultation with our founders and we'll walk you through the whole microservice stack — not just this one — live on your domain.