Project Goals and Starting Point
In response to the growing expectations of patients who need fast, convenient and affordable access to medical services, OpenMed decided to create its own platform for remote issuing of e-prescriptions, sick leaves and e-referrals. This solution reduces the need for repetitive in-person visits, enabling doctors to dedicate more time to more complex cases while patients receive efficient and safe help. Until now, the market was dominated by entities operating in the gray zone - without real medical background and with questionable security standards.
Our task was to:
- Reduce patient waiting time for medical documents to several minutes from order placement
- Ensure full compliance with the P1 platform and ZUS security standards
- Create a scalable and secure solution that is user-friendly for both patients and doctors
Analysis and Design Process
At the beginning of our cooperation, we conducted an in-depth analysis of the business model and two key user paths: the patient who needs quick access to medication or sick leave, and the doctor who must approve the document in compliance with applicable regulations. We mapped every stage - from medication search, through questionnaire completion, payment and phone contact, to visit handling in the doctor panel and issuing the required documents.
Already at this stage, we placed great emphasis on user experience (UX) design - the process was designed so that placing an order would be as fast and intuitive as possible and free of unnecessary steps. Thanks to this, the patient progresses easily from medication selection to prescription receipt, and the doctor receives all necessary information in a clear and organized format.
Next, during a series of workshops with the medical staff and the management team, we refined the clinical and legal requirements, as well as the business priorities: data security, automation and service time reduction. All this work allowed us to prepare functional specifications for a two-part system:
- The sales part of the website, designed as mobile-first, with a medication search engine based on a current database stored on our servers
- The doctor panel, designed to enable quick patient service while maintaining the maximum level of security and patient privacy
Technology Choice
From the beginning, we knew we were building a platform that must be intuitive and fast for patients on the one hand, and stable, secure and compliant with medical documentation regulations on the other. Additionally, it must work reliably in the background - not overwhelming the user, but giving full control to the doctor and meeting all legal requirements.
The patient-facing part was built in Next.js. The main page works in SSR (server-side rendering) mode, making it load very quickly and meet SEO requirements, which is important for acquiring new users.
The medical part of the system was built as an SPA (Single Page Application) using React - thanks to this everything works smoothly and all views switch instantly without a page reload. This solution works well in the doctors’ work environment, where quick data access and smooth handling of multiple patients count.
User authorization is based on the OAuth2 protocol, which ensures controlled and secure access to protected resources.
The backend layer of the system consists of two independent Spring Boot applications.
The first one, based on Spring WebFlux, serves as the system gateway and handles all login processing and user session management. It works as an OAuth2 Client that implements the authorization process - it receives the login data, sets the session and maintains the login state on the server side. The user’s browser has no access to any tokens - all sensitive logic takes place in the secure backend.
This approach not only simplifies the frontend architecture but, most importantly, significantly increases security - the user session remains under full server control, and even in case of a client-side security breach, system access is server-limited.
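The sketch below shows how a WebFlux gateway of this kind can keep tokens out of the browser. It is an added example, not OpenMed's code. It assumes Spring Boot with Spring Security 6 and an OAuth2 client registration supplied in application properties. The class name, the `Lax` SameSite choice and the `https://api.internal.example` base URL are placeholders.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction;
import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.client.web.server.WebSessionServerOAuth2AuthorizedClientRepository;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.web.reactive.function.client.WebClient;
import org.springframework.web.server.session.CookieWebSessionIdResolver;
import org.springframework.web.server.session.WebSessionIdResolver;

@Configuration
@EnableWebFluxSecurity
public class GatewaySecurityConfig { // hypothetical class name
    // Every route needs a logged-in session; oauth2Login runs the
    // authorization-code flow on the server. CSRF stays at its default (on).
    @Bean
    SecurityWebFilterChain gatewayChain(ServerHttpSecurity http) {
        return http
            .authorizeExchange(ex -> ex.anyExchange().authenticated())
            .oauth2Login(Customizer.withDefaults())
            .build();
    }
    // Access and refresh tokens live in the server-side WebSession only.
    @Bean
    ServerOAuth2AuthorizedClientRepository authorizedClients() {
        return new WebSessionServerOAuth2AuthorizedClientRepository();
    }
    // The browser holds nothing but an opaque session id in a hardened cookie.
    @Bean
    WebSessionIdResolver sessionIdResolver() {
        CookieWebSessionIdResolver resolver = new CookieWebSessionIdResolver();
        resolver.addCookieInitializer(c -> c.httpOnly(true).secure(true).sameSite("Lax"));
        return resolver;
    }
    // Calls to the resource server get the session's token as a Bearer header.
    @Bean
    WebClient resourceServerClient(ReactiveClientRegistrationRepository registrations,
                                   ServerOAuth2AuthorizedClientRepository authorizedClients) {
        ServerOAuth2AuthorizedClientExchangeFilterFunction oauth2 =
            new ServerOAuth2AuthorizedClientExchangeFilterFunction(registrations, authorizedClients);
        oauth2.setDefaultOAuth2AuthorizedClient(true); // use the logged-in user's client
        return WebClient.builder().baseUrl("https://api.internal.example") // placeholder
            .filter(oauth2).build();
    }
}
```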
The second application handles business logic and works as an OAuth2 Resource Server - this is where the online e-prescription, e-referral and sick leave issuing processes are implemented. Every doctor’s decision is recorded according to medical standards and passed directly to the P1 system. Thanks to integration with the P1 Platform and related e-health systems such as eWUŚ or ZUS, medical documents reach the state infrastructure, from where they can be fulfilled in pharmacies and medical facilities throughout Poland. This ensures full compliance with Polish regulations, patient data security and process transparency.
Finally, the platform runs in the Microsoft Azure cloud, providing flexibility in environment management, high availability and the ability to scale quickly in case of increased traffic. Data is stored in a relational Azure SQL Database, which guarantees high consistency, integrity and compliance with the security standards required in the healthcare sector. Cloudflare also supports us in the traffic protection layer, providing application security and an additional layer of protection against attacks.
Final Results
The application we built fulfilled all its assumptions and became real support for the development of OpenMed’s online presence.
The system is scalable and ready for a number of users that is increasing month to month, and it will be expanded with additional functionalities - thus supporting growing patient needs.