MedEntry Kiosk

Health

Original Idea

Patient Intake Kiosk: A tablet kiosk app that pre-fills forms, captures signatures, and prints or texts receipts.

Product Requirements Document (PRD): MedEntry Kiosk

1. Executive Summary

MedEntry Kiosk is a specialized, HIPAA-compliant tablet application designed to modernize the patient check-in experience. By leveraging high-performance React Native architecture, on-device AI for OCR, and direct EHR integration via FHIR R4, the kiosk eliminates manual paper forms, reduces administrative bottlenecks, and ensures 100% data integrity. The system functions in a "local-first" capacity to guarantee reliability even during clinic Wi-Fi fluctuations, providing a seamless, secure, and accessible entry point for modern healthcare facilities.

2. Problem Statement

Manual paper-based patient intake processes are inefficient, prone to data entry errors, and cause significant bottlenecks in clinic waiting rooms. Patients are frequently frustrated by repeating information already provided during scheduling, while administrative staff spend excessive time manually transcribing data into Electronic Health Records (EHRs), leading to billing delays and potential clinical risks.

3. Goals & Success Metrics

  • Reduce Check-in Time: Decrease average patient intake time from 12 minutes (manual) to under 4 minutes.
  • Data Accuracy: Achieve 99%+ accuracy in patient demographics and insurance data through OCR and pre-fill logic.
  • Staff Efficiency: Reduce receptionist data-entry workload by 70%.
  • Patient Satisfaction: Maintain a Net Promoter Score (NPS) of 70+ for the check-in experience.
  • Compliance: Maintain 100% HIPAA compliance with zero data leaks.

4. User Personas

| Persona | Role | Primary Goal | Pain Point |
| :--- | :--- | :--- | :--- |
| Elderly Patient | Patient | Complete forms with minimal technical friction. | Small fonts, complex navigation, physical hand strain. |
| Tech-Savvy Patient | Patient | Check in as quickly as possible using existing digital data. | Redundant questions, waiting for staff interaction. |
| Clinic Receptionist | Staff | Monitor check-in status and handle exceptions. | Deciphering poor handwriting on paper forms. |
| IT Administrator | Admin | Maintain device security and EHR data sync. | Security of PHI on portable devices; connectivity drops. |

5. User Stories

  • As a patient, I want to scan a QR code from my appointment confirmation so that my personal details are pre-filled.
  • As a patient, I want to scan my insurance card using the tablet camera so that I don't have to manually type complex policy numbers.
  • As a patient, I want to sign my consent forms with a stylus so that the experience feels natural and legally binding.
  • As a receptionist, I want to receive a real-time notification when a patient finishes their intake so that I can room them immediately.
  • As an IT Admin, I want the tablet to automatically wipe all local PHI if the app is idle for 60 seconds so that data remains secure.

6. Functional Requirements

6.1 Check-in & Identification

  • QR Scanner: Support for scanning mobile-based appointment QR codes.
  • OCR Scanning: On-device AI scanning for Government IDs (via Microblink) and Health Insurance Cards (via CardScan.ai).
  • Pre-fill Engine: Automatic retrieval of patient data from EHR (Epic/Cerner) via FHIR APIs.

6.2 Digital Intake Forms

  • Conditional Logic: Dynamic form fields that appear based on previous answers (e.g., specific symptoms).
  • Progressive Disclosure: Step-by-step wizard UI to prevent cognitive overload.
  • Signature Capture: HIPAA-compliant digital signatures with biometric pressure data and tamper-evident audit trails.

6.3 Hardware & Integrations

  • Kiosk Lockdown: Single App Mode with disabled hardware buttons and status bars.
  • Thermal Printing: Automated printing of "Check-in Slips" via Epson/Zebra hardware.
  • Payment Processing: In-person co-pay collection via Stripe Terminal (S700/WisePOS E).

7. Technical Requirements

7.1 Tech Stack (2026 Production Standards)

  • Frontend: React Native 0.83.x (React 19.2) using the New Architecture (Fabric & TurboModules).
  • Backend: Node.js v24.x (LTS) with TypeScript 6.0.
  • Database: PostgreSQL 17 with Row-Level Security (RLS) and search-optimized encryption beacons.
  • Language: TypeScript 6.0 (utilizing the "Stable Bridge" for future Go-based compiler compatibility).
  • Infrastructure: AWS Nitro Instances (Graviton3) for hardware-level memory encryption and Nitro Enclaves for PHI processing.

7.2 Integrations

  • EHR: HL7 FHIR R4 APIs (Epic App Orchard / Oracle Health Developer Program).
  • OCR: CardScan.ai RN SDK (Insurance) and Microblink BlinkID (IDs).
  • Payments: Stripe Terminal React Native SDK (mandatory allow_redisplay parameter for 2026 compliance).
  • Printing: react-native-esc-pos-printer for Epson ePOS SDK integration.

8. Data Model

8.1 Entity: PatientRecord

| Field | Type | Description |
| :--- | :--- | :--- |
| patientId | UUID | Primary Key (Internal) |
| fhirId | String | External ID from EHR |
| pii_data | Encrypted Blob | AES-256 encrypted demographics |
| rls_tenant_id | UUID | Used for Row-Level Security isolation |

8.2 Entity: IntakeSession

| Field | Type | Description |
| :--- | :--- | :--- |
| sessionId | UUID | Primary Key |
| status | Enum | [STARTED, IN_PROGRESS, COMPLETED, ABANDONED] |
| offline_sync_status | Boolean | Tracks if data reached EHR during Wi-Fi drops |

8.3 Entity: FormSubmission

| Field | Type | Description |
| :--- | :--- | :--- |
| submissionId | UUID | Primary Key |
| signature_hash | String | SHA-256 hash of the signature for audit integrity |
| document_uri | String | Secure S3 link to generated PDF |
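
One way to make the signature_hash field above serve the "tamper-evident audit trails" requirement in 6.2 is to chain each audit row to the previous one. This is an added example, not code from the MedEntry project; the AuditEntry shape, the event names and every field except signature_hash are assumptions.

```typescript
import { createHash } from "node:crypto";

// Hypothetical audit row: only signature_hash is named in the PRD's data model.
interface AuditEntry {
  submissionId: string;
  event: string;          // e.g. "CONSENT_SIGNED"
  timestamp: string;      // ISO 8601
  signature_hash: string; // SHA-256 of the captured signature bytes
  prev_hash: string;      // entry_hash of the preceding row
  entry_hash: string;     // SHA-256 over every field above
}

const GENESIS = "0".repeat(64);

function sha256Hex(data: Buffer | string): string {
  return createHash("sha256").update(data).digest("hex");
}

// JSON array with a fixed field order, so field boundaries cannot be shifted.
function digestEntry(e: Omit<AuditEntry, "entry_hash">): string {
  return sha256Hex(JSON.stringify([e.submissionId, e.event, e.timestamp, e.signature_hash, e.prev_hash]));
}

function appendEntry(chain: AuditEntry[], submissionId: string, event: string,
                     timestamp: string, signature: Buffer): AuditEntry[] {
  const last = chain[chain.length - 1];
  const body = { submissionId, event, timestamp,
                 signature_hash: sha256Hex(signature),
                 prev_hash: last ? last.entry_hash : GENESIS };
  return [...chain, { ...body, entry_hash: digestEntry(body) }];
}

// Returns the index of the first entry that fails verification, or -1 if intact.
function verifyChain(chain: AuditEntry[]): number {
  let prev = GENESIS;
  let i = 0;
  for (const entry of chain) {
    const { entry_hash, ...body } = entry;
    if (body.prev_hash !== prev || digestEntry(body) !== entry_hash) return i;
    prev = entry_hash;
    i++;
  }
  return -1;
}

// Constructed sample: two events with fake signature bytes.
function sampleChain(): AuditEntry[] {
  const c = appendEntry([], "sub-001", "CONSENT_SIGNED", "2026-01-05T09:00:00Z", Buffer.from("fake-stroke-data-1"));
  return appendEntry(c, "sub-002", "CONSENT_SIGNED", "2026-01-05T09:07:00Z", Buffer.from("fake-stroke-data-2"));
}
```

The chain detects edits, swaps and deletions only while the latest entry_hash is also held somewhere the writer of the audit table cannot modify, for example alongside the sync receipt.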

9. API Specification (Sample)

POST /api/v1/intake/sync

  • Purpose: Synchronize offline-buffered intake data with EHR.
  • Request:
    {
      "sessionId": "uuid",
      "fhir_payload": { "resourceType": "Bundle", "entry": [...] },
      "signature_metadata": { "timestamp": "ISO8601", "ip": "string" }
    }
    
  • Response: 200 OK with sync_receipt_id.

10. UI/UX Requirements

  • Accessibility: Support for HHS Section 504 standards; high contrast mode and voice-guided navigation.
  • Typography: Minimum font size of 18pt for body text to accommodate elderly users.
  • Stylus Optimization: High-frequency touch sampling for smooth signature capture.
  • Feedback: Haptic feedback on all button presses and visual success cues for OCR scanning.

11. Non-Functional Requirements

  • Offline Capability: Local transactional queuing using SQLite; background "batch-and-burst" synchronization.
  • Security: Zero-knowledge caching; data is encrypted with the hospital's public key before local storage.
  • Performance: Form transitions < 100ms; app boot time < 2 seconds.
  • Reliability: 99.9% uptime during clinic hours; hardware-backed auto-restart on crash.
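
A sketch of the "encrypted with the hospital's public key before local storage" requirement, using a per-record AES-256-GCM key wrapped with RSA-OAEP. This is an added example, not the project's code; the PRD does not specify the scheme, and the SealedRecord shape, function names and the throwaway key pair are assumptions.

```typescript
import { constants, createCipheriv, createDecipheriv, generateKeyPairSync,
  privateDecrypt, publicEncrypt, randomBytes, KeyObject } from "node:crypto";

// Hypothetical on-disk shape of one queued SQLite row (all fields base64).
interface SealedRecord { wrappedKey: string; iv: string; tag: string; ciphertext: string }

const OAEP = { padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Kiosk side: the tablet holds only the public key, so it can write but never read back.
function sealForQueue(publicKey: KeyObject, sessionId: string, plaintext: string): SealedRecord {
  const dek = randomBytes(32); // fresh AES-256 data key per record
  const iv = randomBytes(12);  // 96-bit GCM nonce
  const cipher = createCipheriv("aes-256-gcm", dek, iv);
  cipher.setAAD(Buffer.from(sessionId, "utf8")); // bind the record to its session
  const ciphertext = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  const wrappedKey = publicEncrypt({ key: publicKey, ...OAEP }, dek);
  dek.fill(0); // drop the plaintext data key as soon as it is wrapped
  return {
    wrappedKey: wrappedKey.toString("base64"),
    iv: iv.toString("base64"),
    tag: cipher.getAuthTag().toString("base64"),
    ciphertext: ciphertext.toString("base64"),
  };
}

// Backend side: runs where the private key lives; throws if anything was altered.
function openFromQueue(privateKey: KeyObject, sessionId: string, r: SealedRecord): string {
  const dek = privateDecrypt({ key: privateKey, ...OAEP }, Buffer.from(r.wrappedKey, "base64"));
  const decipher = createDecipheriv("aes-256-gcm", dek, Buffer.from(r.iv, "base64"));
  decipher.setAAD(Buffer.from(sessionId, "utf8"));
  decipher.setAuthTag(Buffer.from(r.tag, "base64"));
  const plain = Buffer.concat([decipher.update(Buffer.from(r.ciphertext, "base64")), decipher.final()]);
  return plain.toString("utf8");
}

// Constructed demo: throwaway key pair and a fake intake payload.
function demo(): { roundTrip: string; wrongSessionRejected: boolean } {
  const { publicKey, privateKey } = generateKeyPairSync("rsa", { modulusLength: 2048 });
  const sealed = sealForQueue(publicKey, "session-A", '{"allergies":"penicillin"}');
  let wrongSessionRejected = false;
  try { openFromQueue(privateKey, "session-B", sealed); } catch { wrongSessionRejected = true; }
  return { roundTrip: openFromQueue(privateKey, "session-A", sealed), wrongSessionRejected };
}
```

Because the private key never reaches the tablet, a stolen device exposes only sealed rows; the trade-off is that the kiosk cannot re-display queued answers after they are written.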

12. Out of Scope

  • Telehealth video consultations.
  • Long-term patient medical history browsing (Kiosk is for current intake only).
  • Complex clinical charting or doctor's notes.

13. Risks & Mitigations

  • Risk: Unstable clinic Wi-Fi prevents EHR sync.
    • Mitigation: Implement MQTT 5.0 with QoS Level 2 for guaranteed exactly-once delivery.
  • Risk: Physical theft of tablet containing PHI.
    • Mitigation: Remote wipe via MDM; hardware-level memory encryption via AWS Nitro/TPM.
  • Risk: Patient inability to use digital forms.
    • Mitigation: "Request Help" button triggers a dashboard notification to the receptionist.

14. Implementation Tasks

Phase 1: Project Setup & Security Foundation

  • [ ] Initialize project with React Native 0.83.x and TypeScript 6.0
  • [ ] Set up ESLint/Prettier with TypeScript 6.0 bridge configurations
  • [ ] Configure AWS Nitro Enclave environment for PHI processing
  • [ ] Implement PostgreSQL 17 with mandatory Row-Level Security (RLS)
  • [ ] Set up AWS KMS with 12-month rotation for field-level encryption

Phase 2: Kiosk Lockdown & OCR Core

  • [ ] Implement react-native-kiosk-manager for Android Lock Task Mode
  • [ ] Configure react-native-asam for iOS Autonomous Single App Mode
  • [ ] Integrate CardScan.ai for health insurance OCR
  • [ ] Integrate Microblink BlinkID for government ID verification
  • [ ] Build "Admin PIN" screen for staff breakout

Phase 3: Intake Workflow & EHR Integration

  • [ ] Build FHIR R4-compliant data mapping layer for Patient and Observation resources
  • [ ] Create dynamic form engine with conditional logic (React Hook Form + Zod)
  • [ ] Implement local-first synchronization logic using SQLite and transactional queues
  • [ ] Build signature capture component with pressure-sensitive metadata
  • [ ] Implement SMART on FHIR OAuth 2.0 flow for EHR authentication

Phase 4: Hardware & Payments

  • [ ] Integrate Stripe Terminal SDK for S700 reader support
  • [ ] Implement allow_redisplay logic for future billing compliance
  • [ ] Integrate react-native-esc-pos-printer for Epson receipt printing
  • [ ] Develop thermal print templates for patient check-in slips
  • [ ] Implement Twilio SMS receipt triggers for successful check-in

Phase 5: Accessibility & Compliance Audit

  • [ ] Conduct HHS Section 504 accessibility audit (WCAG 2.1)
  • [ ] Implement automated 60-second idle timeout and data wipe
  • [ ] Perform penetration testing on RLS policies and encryption boundaries
  • [ ] Finalize BAAs with Stripe, CardScan, and Twilio
  • [ ] Deploy to UAT environment for clinical staff feedback