%20(1).jpg)
The challenge
A telemedicine client of ours dealt with sensitive health data that needed to be kept private and HIPAA compliant. Building user trust by reassuring them that their data was protected was also a priority.
%20(1).jpg)
The solution
User research showed that the patients were mostly elderly and unfamiliar with technology. They would not do well with complicated UX or with difficult-to-remember passwords.
We implemented a one-time password (OTP) that is sent directly to patients in a text message during the onboarding process. This OTP is simply copied and pasted into the application at the initial login to confirm identity.
%20(1).jpg)
Biometric privacy protection
After this, the app is set up to automatically unlock with the same biometric mechanism that unlocks the user’s phone (for iOS, fingerprint authentication or face ID), keeping the login process seamless and ensuring that no other individual has access to sensitive health data.
Equally as important, the user is automatically logged out, either upon exiting the application or after several hours, further securing their data. The app’s background services (which are critical for remote monitoring and emergency assistance) are in effect all the while, whether the user is logged-in or not.
%20(1).png)
The impact
Protecting patient data is fundamental, both for HIPAA compliance and to maintain trust, but hard-to-remember passwords can cause frustration, especially with elderly users.
Finding balance between privacy and ease of use is essential, especially in the high-stakes field of healthtech. This keeps users coming back to products that can significantly improve their quality of life.
