Skip to main content

Implementation roadmap: patient mobile (React Native)

Version: 1.0
Date: 2026-03-31

Companion: BACKEND_AND_SERVICE_MAP.md, BUILD_GUIDE.md, TRACEABILITY_MATRIX.md.

Backend readiness for many FRs is tracked in the traceability matrix; phases below call out blocking dependencies explicitly.

Phase 0 — Repository and tooling

  • Add apps/ehr-patient-mobile to the monorepo; ensure pnpm-workspace.yaml includes apps/*.
  • Expo (recommended) development build or bare RN; TypeScript strict, ESLint, Prettier aligned with repo.
  • CI: lint + typecheck on PR; optional E2E job stub.
  • .env.example with no secrets (BUILD_GUIDE.md).

Exit criteria: pnpm (or npm) install and lint/typecheck succeed; dev client launches on iOS and Android simulators; no PHI or secrets in bundle.

Phase 1 — Authentication and session shell

  • OIDC Authorization Code + PKCE; redirect URI (custom scheme or universal link).
  • Secure storage for refresh material; session refresh and logout (AUTH_AND_SESSION.md).
  • Call GET /v1/portal/me after login; parse tenant + feature hints for licensing gates.
  • Global 401/403 handling; no calls to /internal/* (API_PATH_CONVENTIONS.md).

Exit criteria: Authenticated user sees a placeholder home screen with display name from API; token refresh works; logout clears storage.

Traceability: FR-PORT-001 (partial), FR-PORT-002 groundwork. Service: patient-portal-api via Kong /v1/portal (TRACEABILITY_MATRIX.md).

Phase 2 — Home, discovery, and booking

  • Provider search and detail: GET /v1/practitioners, GET /v1/practitioners/{id} (API_CLIENT_AND_KONG.md).
  • Slots and book: GET /v1/schedules, POST /v1/appointments (409 conflict UX) (patient-portal-requirements-doc.md §7).
  • Dependency: Discovery and booking against live APIs are blocked or mockable until BACKEND_GAPS_AND_ROADMAP.md Phase P1–P3 (patient read on practitioners, patient-scoped book/cancel, portal results BFF) land—or use controlled environments / mocks aligned with that doc.
  • Home summary: GET /v1/portal/record/summary when available.
  • RTL smoke on search + booking (I18N_AND_RTL.md).

Exit criteria: End-to-end book flow in dev against Kong or documented mock path per BACKEND_GAPS_AND_ROADMAP.md; AC-Book-1..3 satisfied at UI level when backend allows.

Traceability: FR-PORT-003/004. Services: provider-directory, scheduling, patient-portal BFF routes.

Phase 3 — Results and record reads

  • Depends on backend: released-results pipeline and policy filters (TRACEABILITY_MATRIX.md marks FR-PORT-005 Backlog until BFF/rules engine ready).
  • Client: GET /v1/portal/results, GET /v1/portal/results/{id}; preliminary vs final labeling (SPEC.md FR-PORT-005).

Exit criteria: If API returns data, list + detail match policy; if backend not ready, phase blocked—ship Phase 2 only or mock in dev behind flag.

Phase 4 — Push, deep links, telehealth handoff

  • FCM/APNs registration post-login; non-PHI payloads (PUSH_AND_DEEP_LINKS.md, BR-PORT-003).
  • Universal links / App Links with auth gate (SPEC.md NFR-PORT-005).
  • Telehealth join flow when licensed (SPEC.md FR-PORT-009).

Exit criteria: Push tap opens app to correct screen after login; deep link does not leak unauthorized data.

Traceability: NFR-PORT-004..005; FR-PORT-009 (often Backlog per matrix until scheduling/telehealth APIs finalized).

Phase 5 — Messaging, billing, proxy, export, account

  • Messaging when module + API available (SPEC.md FR-PORT-011).
  • Billing / pay via delegated flow (SPEC.md FR-PORT-012).
  • Proxy switching UX (SPEC.md FR-PORT-008).
  • Export / DSAR-oriented download (SPEC.md FR-PORT-010).
  • Account deletion request (SPEC.md FR-PORT-013).

Exit criteria: Each slice gated by server feature flags; empty states when not licensed.

Traceability: FR-PORT-008..013 mostly Backlog in matrix—coordinate with backend before committing dates.

Risk summary

RiskMitigation
Results/policy API not readyKeep Phase 3 behind flag; do not block Phase 1–2.
Push requires device token APIStub in dev; contract with platform team early.
Keycloak mobile client not registeredBUILD_GUIDE.md §Keycloak

Definition of product “MVP” (suggested)

Minimum shippable: Phase 0 + 1 + 2 with production auth and booking; Phase 3+ as fast followers per tenant license.