HaloRide V1
A HIPAA-compliant, non-emergency medical transport platform that connects patients, drivers, and dispatchers around one secure booking, scheduling, and real-time tracking flow. PHI is protected end to end β encrypted, role-scoped, audit-logged, and hosted in a US region under a signed BAA. Original UI/UX built for the calm, clinical trust a healthcare buyer expects.
βοΈ
Tech Stack
PostgreSQL (encrypted, US)
AWS (HIPAA-eligible + BAA)
π§
Core Technologies
- Flutter β Single codebase for the patient + driver mobile apps (React Native is a viable alternative)
- Node.js + TypeScript β REST API + WebSocket gateway for live trip tracking and status
- PostgreSQL β Encrypted at rest, US region, PHI store isolated from operational data
- Maps / Routing β Live vehicle tracking, geofenced pickup/drop-off, route optimization
- OpenAI / Anthropic β Booking assistant, predictive ETA, and dispatcher demand forecasting
- AWS β HIPAA-eligible services in a private VPC under a signed BAA, US data residency
π¦
V1 Deliverables
β
Patient & caregiver app β secure sign-in, book, and track rides
V1β
Driver app β assigned trips, minimal-PHI trip view, status updates
V1β
Dispatcher web console β live map, assign / reassign, alerts
V1β
Real-time trip tracking (WebSockets + maps) with status timeline
V1β
Booking, scheduling & recurring standing orders (dialysis, PT)
V1β
AI booking assistant + predictive ETA + demand forecasting
V1β
HIPAA controls β encryption, RBAC, audit logging, MFA, PHI minimization
V1β
Backend API + WebSocket services + encrypted PostgreSQL (US region)
V1β
Original, bespoke UI/UX (no template kits)
V1β
Insurance & Medicaid NEMT billing / claims export
V2β
Transport provider marketplace & multi-agency dispatch
V2β
Deeper AI β no-show prediction, dynamic route batching, voice booking
V2
π
Architecture Layers
CLIENTS
Patient app Β· Driver app (Flutter) Β· Dispatcher web console β role-scoped UI, MFA at sign-in
GATEWAY
API gateway Β· Auth + MFA Β· RBAC policy enforcement Β· request audit hooks
SERVICES
Booking Β· Real-time trip-tracking (WebSockets) Β· Routing + AI (ETA / demand) Β· Notifications Β· Audit
DATA
PostgreSQL (encrypted, US) Β· isolated PHI store Β· immutable audit log Β· KMS-managed keys
PLATFORM
AWS HIPAA-eligible services Β· private VPC Β· US data residency Β· signed BAA Β· CloudWatch + Sentry