Ctrl Alt Heal

Team Name

CTRL + ALT + HEAL

Timeline

Fall 2024 – Spring 2025

Students

  • Nathan Chugito – CS
  • Saja Hussein – SE
  • Duy Pham – CS
  • Hien Le – CS
  • Nu Ton – CS
  • Aindrilla Bhattacharya – CS

Sponsor

Cook Children’s Hospital

Abstract

The Hospital GUI is a dual-screen interface system that connects healthcare providers
and patients through digital interaction. Staff can update medical information while
patients access personalized care details and provide feedback simultaneously. Using
React.js and MongoDB with JWT security, the system offers real-time monitoring,
schedule management, and QR code access. This solution digitizes patient care
communication, enhances satisfaction through direct feedback, and streamlines clinical
workflows while protecting sensitive medical data.

Background

Hospitals face significant challenges in providing accessible entertainment and
information systems for patients while maintaining data security. Current solutions are
often fragmented, expensive, or difficult to use from a hospital bed.
The Hospital GUI targets hospital administrators seeking modern patient engagement
solutions, healthcare providers needing efficient information tools, and patients requiring
accessible interfaces. The system serves medical facilities aiming to improve
communication and reduce paperwork. Technical implementers appreciate the security
architecture and deployment simplicity, while clinical users benefit from intuitive
workflows and real-time updates across varying levels of technical ability.

Project Requirements

HIPAA-Compliant Security Framework

  • Touch/mouse-free critical functions
  • Strong encryption with dedicated keys
  • JWT authentication and encrypted sessions
  • Secure MongoDB Atlas integration
  • CORS controls
  • Multiple layers of protection for patient health information

Real-Time Patient-Staff Synchronization System

  • Bi-directional communication between interfaces
  • Multi-channel synchronization methods
  • Immediate status updates for critical conditions
  • Consistent data across multiple screens/devices

Accessible Remote-Control Navigation

  • Arrow-key navigation system for mobility-impaired patients
  • Visual focus indicators
  • Intuitive navigation patterns

Design Constraints

Interoperability

The system must interface with existing hospital TV infrastructure and potentially connect to nurse station systems, requiring standardized communication protocols.

Safety & Welfare

As the system manages patient communication with medical staff, it must include redundancy for critical functions like nurse calls and ensure accessibility for patients with varied abilities.

Security

Patient data protection follows HIPAA requirements with secured authentication, data encryption, role-based access control, comprehensive audit logging, and secure transmission protocols.

Usability

The interface is designed for patients in hospital beds using remote controls, with large text, simple navigation, and minimal input requirements. The staff interface balances security with efficiency for medical professionals.

Cost/Economic

The system is designed to be cost-effective with minimal hardware requirements, utilizing existing TV infrastructure and low-cost USB deployment.

Maintainability

Components follow a modular design, allowing for easy updates and maintenance without disrupting patient care.

Engineering Standards

Authentication & Encryption/Security Standards

  • JWT for secure authentication
  • HTTPS for encrypted data transmission
  • HIPAA Security Rule compliance for all data handling
  • MongoDB Atlas security protocols for database protection

Common Engineering Standards

  • React component design patterns
  • REST API design principles
  • HIPAA standards for healthcare applications
  • ADA accessibility guidelines for software applications

Programming/Web Dev Standards

  • React.js best practices for frontend development
  • Node.js standards for backend implementation
  • MongoDB schema design principles
  • Electron.js deployment standards

HIPAA Compliance

  • Encrypted data transmission and storage
  • Secure authentication and authorization
  • Audit logging of all data access
  • Role-based access controls
  • Automatic timeout for staff sessions
  • No persistence of sensitive data in browser storage

System Overview

The system architecture consists of three primary components:

  1. Presentation Layer: The Presentation Layer delivers the user interface through React.js components optimized for hospital environments. This layer implements TV-friendly styling with high contrast elements and large touch targets, while supporting keyboard navigation for remote control compatibility. It dynamically renders patient or staff views based on user role and maintains synchronized displays across dual screens using event listeners and localStorage for real-time updates, ensuring consistent information presentation regardless of viewing location.
  2. Application Layer: The Application Layer contains the core business logic coordinating system functionality. The Appointment Scheduling System manages patient activities with completion tracking, while the Communication System handles status alerts and nurse calls through browser events. The Authentication System implements secure access via JWT tokens and QR code registration with expiring crypto-tokens. Together, these subsystems enable healthcare workflows with proper security controls while providing seamless information flow between patients and healthcare providers.
  3. Data Access Layer: The Data Access Layer manages data operations through MongoDB Atlas, using Mongoose schemas for validation and structure. User and Login Repositories handle patient information and authentication, while Registration components process new patient enrollment with secure tokens. Data Storages maintain encrypted collections for patient records, feedback submissions, and schedules with change tracking. This layer ensures all database interactions follow healthcare data protection standards with proper error handling and connection security.
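The Application Layer above mentions QR code registration with expiring tokens. The following Node.js sketch shows one way to issue and redeem such a token so that it is single-use and time-limited. It is an added example, not the project's own code. The function names, the 10-minute lifetime, and the in-memory `Map` (standing in for a database collection) are assumptions.

```javascript
// Added example: single-use, expiring registration tokens for a QR code flow.
// Names, TTL and the in-memory store are assumptions, not the project's code.
const crypto = require("node:crypto");

const TOKEN_TTL_MS = 10 * 60 * 1000; // assumed 10-minute lifetime

// Stand-in for a database collection: hex(SHA-256(token)) -> record.
const pendingRegistrations = new Map();

const hashToken = (token) =>
  crypto.createHash("sha256").update(token).digest("hex");

// Issue a token to embed in the QR code URL. Only its hash is stored, so a
// leaked copy of the store does not reveal tokens that can still be redeemed.
function issueRegistrationToken(roomId, now = Date.now()) {
  const token = crypto.randomBytes(32).toString("base64url"); // 256 bits of entropy
  pendingRegistrations.set(hashToken(token), {
    roomId,
    expiresAt: now + TOKEN_TTL_MS,
  });
  return token;
}

// Redeem a scanned token. The record is deleted on first lookup, so a second
// scan of the same QR code fails even if it arrives before the expiry time.
function redeemRegistrationToken(token, now = Date.now()) {
  if (typeof token !== "string" || token.length > 128) {
    return { ok: false, reason: "malformed" };
  }
  const key = hashToken(token);
  const record = pendingRegistrations.get(key);
  if (!record) return { ok: false, reason: "unknown" };
  pendingRegistrations.delete(key); // single use; also purges expired entries
  if (now >= record.expiresAt) return { ok: false, reason: "expired" };
  return { ok: true, roomId: record.roomId };
}
```

The `reason` field is meant for server-side audit logging. The response sent to the scanning device should be one generic failure so it does not reveal whether a token ever existed.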

The application is designed for deployment via USB drives that can be easily moved between hospital room TVs.

Results

The system implementation successfully:

  • Provides dual interfaces with proper HIPAA security measures
  • Delivers TV-optimized display with remote control navigation
  • Integrates with MongoDB for secure data storage
  • Enables real-time communication between patient and nurse stations
  • Supports patient input for preferences and needs

Future Work

Planned enhancements include:

  • USB deployment for portable installation across hospital TVs
  • Integration with hospital EMR systems
  • Enhanced entertainment options
  • Additional accessibility features
  • Mobile companion app for family members
  • Expansion of the patient journal system

Project Files

Project Charter
System Requirements Specification
Architectural Design Specification
Detailed Design Specification
Poster

Steven McDermott