VitalPulse: Building a Modern Healthcare Platform

At AIQON, we're building VitalPulse – a health management platform that transforms how families organize, understand, and manage their medical records. VitalPulse combines AI-powered document processing with client-side encryption to create a secure, intelligent system where scattered lab results, imaging reports, and medical documents become actionable health insights. Whether it's tracking a child's growth metrics, monitoring a parent's chronic condition, or simply keeping everyone's medical history in one secure place, VitalPulse empowers families to take control of their health data.

In the rapidly evolving landscape of digital health, building a platform that's both powerful and secure requires careful selection of technologies. VitalPulse, a family-centered health management platform, leverages a modern tech stack that prioritizes privacy, performance, and user experience. In this post, we'll explore the technologies and platforms that power VitalPulse and why we chose them.

Frontend: React 19 and Modern Web Technologies

At the heart of VitalPulse's user interface is React 19, the latest version of Facebook's popular UI library. React's component-based architecture allows us to build reusable, maintainable UI elements that make the development process efficient and the user experience consistent. Rather than building monolithic pages, we compose our interface from dozens of small, focused components that can be tested independently and reused throughout the application.

We've paired React with TypeScript 5.8, which adds static typing to JavaScript. This choice significantly reduces bugs and improves code quality by catching errors during development rather than in production. TypeScript's strict type checking ensures that our encryption services, medical data processing, and user interfaces maintain type safety throughout the application. When a developer makes a change to how medical exams are structured, TypeScript immediately flags every place in the codebase that needs to be updated, preventing runtime errors that could affect users.

For building and bundling our application, we use Vite 7, a next-generation frontend tooling that provides lightning-fast hot module replacement during development and optimized production builds. Vite's speed dramatically improves developer productivity, allowing us to iterate quickly on new features. What used to take minutes with older build tools now happens in seconds, meaning developers can see their changes reflected in the browser almost instantly.

Styling and UI Components

VitalPulse uses Tailwind CSS for styling, a utility-first CSS framework that enables rapid UI development while maintaining consistency. Tailwind's approach allows us to build custom designs without writing custom CSS, and its purge feature ensures our production bundles remain small. Instead of maintaining separate CSS files that can grow unwieldy, styles live directly alongside the components they affect, making the codebase easier to understand and maintain.

Built on top of Tailwind, we use shadcn/ui, a collection of beautifully designed, accessible components built with Radix UI primitives. This component library gives us WCAG 2.1 AA accessibility compliance out of the box, ensuring that VitalPulse works seamlessly with screen readers and keyboard navigation. The library also provides full dark and light theme support through CSS variables, allowing users to choose their preferred viewing mode without any additional engineering work. Every button, dialog, form input, and card in VitalPulse uses these pre-built, accessible components, ensuring that our platform is usable by everyone, regardless of their abilities.

Backend: Supabase - A Complete Backend Platform

For our backend infrastructure, we chose Supabase, a comprehensive backend platform built on PostgreSQL. Supabase provides everything we need in a single, integrated solution: database, authentication, storage, serverless functions, and real-time subscriptions. This completeness eliminates the need to stitch together multiple services from different providers, reducing integration complexity and potential points of failure.

At its core, Supabase uses PostgreSQL, one of the most advanced open-source relational databases. PostgreSQL provides ACID compliance for data integrity, ensuring that medical records are never corrupted or lost due to system failures. Its support for complex queries with SQL allows us to efficiently retrieve and analyze health data, while row-level security provides fine-grained access control at the database level. As VitalPulse grows, PostgreSQL's proven scalability ensures we can handle increasing data volumes without architectural rewrites.

Our database schema includes tables for medical exams, lab results, tracked metrics, user profiles, and more. We use PostgreSQL's JSON columns for flexible data storage while maintaining relational integrity for structured data. This hybrid approach allows us to store the highly structured data from lab tests in traditional relational tables while keeping more flexible document metadata in JSON format.

Supabase Auth handles user authentication, supporting email and password authentication with secure session management. The authentication system integrates seamlessly with our row-level security policies, ensuring users can only access their own data or data shared with them. When a user logs in, their session token automatically determines what data they can query, with security enforced at the database level rather than in application code.

Medical documents, PDFs, and images are stored in Supabase Storage, which provides S3-compatible object storage with access control through row-level security. The storage system includes CDN delivery for fast access worldwide and supports multiple storage buckets for organizing different file types. We use separate buckets for medical exams, shared exam clones, and public site images, each with appropriate access policies that ensure sensitive medical documents remain private while public blog images are cached globally.

For server-side processing that requires API keys or complex operations, we use Supabase Edge Functions, serverless functions that run on Deno at the edge. These functions handle AI processing with OpenAI and Claude APIs, OCR text extraction using Google Cloud Vision API, email sending via the Resend API, secure sharing and token generation, payment processing with Stripe webhooks, and organization management with atomic operations. By keeping API keys in Edge Functions rather than the client, we maintain security while enabling powerful AI-driven features. This architecture ensures that sensitive credentials never end up in browser code where they could be extracted by malicious actors.

AI Processing: Multi-Provider Architecture

One of VitalPulse's core features is AI-powered medical document processing. We've built a pluggable AI provider system that supports multiple AI models, giving us flexibility to choose the best model for each task and avoid vendor lock-in.

Our default AI provider is OpenAI's GPT, which excels at document classification, identifying exam types like laboratory, imaging, or cardiology reports. The model also handles data extraction, pulling structured data from unstructured medical reports, and generates personalized health summaries and recommendations based on the user's complete medical history.

We also support Claude, Anthropic's advanced language models, as an alternative provider. Users can switch between providers simply by changing an environment variable, making our system flexible and future-proof. This architecture means that as new AI models emerge, we can integrate them quickly and let users choose which model best meets their needs.

For OCR (Optical Character Recognition), we use Google Cloud Vision API to extract text from scanned medical documents and images. This allows users to upload photos of lab results taken with their phone, which we then process with AI. The combination of Google's OCR technology with GPT-4o or Claude's language understanding creates a powerful pipeline that transforms any medical document into structured, searchable data.

Security: Client-Side Encryption

Privacy is paramount in healthcare applications. VitalPulse implements client-side AES-256-GCM encryption for all personal profile data, including names, birthdates, and family relationships. This means we've built a zero-knowledge architecture where we cannot access users' personal information even if we wanted to. Encryption keys are derived from user sessions and never stored permanently, ensuring that only the authenticated user can decrypt their family's personal information. Users don't need to manage keys manually; the encryption happens transparently in the browser as they use the application.

Medical exam data remains unencrypted on the server to enable AI processing, search, analytics, and secure sharing with healthcare professionals. This hybrid approach balances privacy with functionality. By encrypting only the personally identifiable information while keeping medical test results unencrypted, we enable powerful AI-driven health insights while protecting the most sensitive personal data. When users share exam results with their doctor, the doctor receives the medical data without ever accessing the family's encrypted personal profiles.

Internationalization: Multi-Language Support

VitalPulse serves users in multiple languages, currently supporting English and Greek. Our i18n system stores all translations in structured TypeScript files, ensuring that typos and missing translations are caught during development rather than discovered by users.

The system ensures no hardcoded strings appear in the UI; every piece of text flows through the translation layer. This architecture makes adding new languages straightforward as we expand to new markets. When we're ready to support a third language, we simply create a new translation file and let TypeScript verify that every translation key has been provided.

Payment Processing: Stripe

For handling point purchases, we integrate with Stripe, the industry-standard payment platform. Stripe provides PCI compliance out of the box, meaning we never handle credit card numbers directly. The secure Stripe Checkout flow handles payment collection, and webhook notifications inform our backend when payments are confirmed so we can credit users' accounts immediately.

As we plan an international expansion, Stripe's support for multiple currencies allows us to display prices in users' local currencies without building complex currency conversion systems ourselves. The integration also provides detailed fraud detection and dispute management, protecting both VitalPulse and our users from fraudulent transactions.

Email Delivery: Resend

Communication with users is critical for any healthcare platform, and we rely on Resend for transactional email delivery. Resend is a modern email API built for developers, offering a refreshingly simple approach to sending emails compared to legacy providers. We use Resend to send exam sharing notifications when users share medical records with healthcare professionals, organization invitations when businesses invite team members to join their workspace, and payment confirmations when users purchase points.

What sets Resend apart is its developer-friendly API and excellent deliverability rates. Email delivery is more complex than it appears – messages must navigate spam filters, authentication protocols like SPF and DKIM, and various provider-specific rules. Resend handles these complexities automatically, ensuring our critical notifications reach users' inboxes reliably. The integration with our Supabase Edge Functions is seamless, with API calls taking just a few lines of code. We can also track email delivery status, open rates, and bounces through Resend's dashboard, helping us monitor communication health and quickly identify any delivery issues.

Deployment: Vercel and Continuous Deployment

VitalPulse is hosted on Vercel, the platform created by the makers of Next.js. What makes Vercel exceptional for our workflow is its seamless integration with GitHub for continuous deployment. Every code push automatically triggers a new deployment, with the entire process from commit to live site taking just minutes.

We maintain three parallel environments throughout our entire stack – development, testing, and production. This separation extends across code repositories, database instances, and deployment environments. Changes flow through development first for initial implementation, then move to testing where they're thoroughly validated with sample data and non-production configurations. Only after passing all testing do they reach production, ensuring that our live users experience stable, well-tested features. This multi-stage approach eliminates the risk of experimental features affecting real users while allowing our team to move quickly on new development.

This automated deployment workflow eliminates manual deployment steps and reduces the risk of human error. Vercel handles building the application, running optimizations, distributing assets to the edge network, and routing traffic to new versions with zero downtime. Preview deployments are automatically generated for work-in-progress features, allowing us to test changes in production-like environments before they reach either environment. These preview URLs can be shared with stakeholders for feedback, making collaboration seamless.

Vercel's edge CDN ensures fast content delivery worldwide, with users in Athens and New York experiencing equally responsive load times. Vercel Analytics and Speed Insights give us real-time insight into how the application performs in actual user environments, helping us identify bottlenecks and optimize the experience. Environment variable management provides secure configuration storage, keeping sensitive credentials separate from our codebase. We also leverage Vercel's edge network to cache public images through URL rewrites, reducing load on our Supabase storage and improving page load times globally.

Development Tools and Monitoring

Our development workflow is powered by ESLint for code quality and consistency, ensuring that all developers follow the same coding standards. Git provides version control, and GitHub hosts our code and facilitates collaboration through pull requests and code reviews.

A significant accelerator in our development process has been AI-assisted coding with Claude. Rather than traditional development where engineers write every line of code manually, we've embraced "vibe coding" – a collaborative approach where developers articulate the intent and architecture while Claude handles much of the implementation. This partnership dramatically accelerates feature development without sacrificing code quality. Claude understands our codebase patterns, follows our TypeScript conventions, maintains our i18n requirements, and adheres to our accessibility standards. Complex features that might take days to implement can now be scaffolded in hours, allowing our team to focus on product strategy, user experience design, and architectural decisions rather than repetitive coding tasks. This isn't about replacing developers – it's about amplifying their capabilities and letting them operate at a higher level of abstraction.

To understand how users interact with VitalPulse, we use Vercel Analytics for tracking page views and user flows, along with Vercel Speed Insights for monitoring performance metrics. This data helps us identify which features users value most and where performance optimizations would have the greatest impact.

Why This Stack?

We chose this technology stack for several interconnected reasons. Modern tools like Vite, React 19, and TypeScript make development fast and enjoyable, which translates directly to faster feature delivery for users. Fast load times, smooth interactions, and accessibility ensure users love the platform and trust it with their family's health data.

Security was paramount in our technology choices. Client-side encryption, secure authentication, and proper API key management protect sensitive health data while still enabling powerful AI features. PostgreSQL, Supabase Edge Functions, and Vercel's CDN provide the scalability to grow from hundreds to millions of users without architectural rewrites.

Our pluggable AI provider system and modular architecture give us flexibility to adapt quickly as the healthcare technology landscape evolves. Finally, open-source tools and efficient cloud platforms keep costs manageable, allowing us to offer competitive pricing while investing in product development.

Looking Forward

As VitalPulse continues to evolve, we're exploring additional technologies. We're actively developing native mobile applications for iOS and Android, leveraging Claude Code to accelerate the development process just as we did with the web platform. These mobile apps will bring VitalPulse's health management capabilities directly to users' pockets, with features optimized for on-the-go access to medical records, quick exam uploads using phone cameras, and push notifications for upcoming health events.

We've already successfully tested integration with wearable devices, and we're expanding these capabilities to automate health data collection. Our early tests have demonstrated the ability to pull real-time health metrics from smart watches and fitness trackers directly into the platform. As we expand this functionality, users will be able to automatically import blood pressure readings, heart rate data, glucose levels from continuous monitors, and activity metrics without manual data entry. This integration will create a more complete picture of a user's health by combining physician-ordered lab tests with continuous monitoring data from daily life.

Building a healthcare platform requires balancing many concerns: security, usability, compliance, and innovation. The technology stack we've chosen for VitalPulse provides a solid foundation for delivering a product that empowers families to take control of their health data while maintaining the highest standards of privacy and security.

Let's Build Something Together

At AIQON, we bring this same level of technical expertise and attention to detail to every project we undertake. If you're looking to build a health tech application, AI-powered platform, or any secure, scalable web solution, we'd love to hear from you. Our team combines modern technologies with best practices in security, accessibility, and user experience to create products that users trust and love.

Ready to discuss your project? Contact us to learn more about how we can help bring your vision to life.