Why teams pick PocketClinic
Building a patient-facing healthcare app has two hard requirements that most mobile frameworks ignore entirely. The first is HIPAA compliance, which is not a checkbox but a specific set of technical and administrative controls around how protected health information (PHI) is stored, transmitted, and accessed. The second is Apple's HealthKit review process, which rejects apps that request health data without demonstrating clear clinical value and proper user consent flows.
PocketClinic is a white-label framework that handles both. The PHI storage model follows the same principle as our clinic intake work: application databases hold references and metadata; actual health records are in AWS HealthLake behind FHIR R4 APIs. The device stores nothing sensitive beyond the active session. If a phone is lost or stolen, there is no patient data to recover.
The HealthKit integration was built after reviewing two years of App Store rejection patterns. The permission request flow, the pre-permission explanation screens, and the write-back consent model all follow Apple's current review requirements exactly. New apps built on PocketClinic have a first-submission approval track record.
Who it is for
PocketClinic is used by digital health startups building patient engagement apps, clinic networks rolling out patient portals, pharmaceutical companies running decentralised clinical trial applications, and healthcare organisations replacing paper-based patient intake.