Menu
Build HIPAA-compliant telemedicine apps with PubNub real-time messaging
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Based on SOC occupation classification
Build real-time applications with PubNub pub/sub messaging. Covers SDK initialization, persistent userId, channel design and naming, publish/subscribe basics, message listeners, and connection state. Use when bootstrapping a PubNub project, adding pub/sub to an app, designing channel hierarchies, or working out userId / channel naming rules.
Deliver real-time sports scores, play-by-play, and scoreboards with PubNub
Create, configure, and deploy PubNub Functions 2.0 event handlers, triggers, and serverless endpoints. Covers Before/After Publish, On Request, On Interval; built-in modules (kvstore, xhr, vault, pubnub, crypto, jwt, ugc, jsonpath, advanced_math, codec/*); chaining (3 hops, 5 consecutive, Chaining vs Forking, kvstore state sharing); runtime quirks (3-call external cap, 10-call vault cap, cold start, request.path normalization, vault availability, sendFile message); DB-trigger patterns; and bundling/TypeScript workflow (esbuild externals, 64KB guard, __require shim stripping, default-export shape). Use when building real-time message transformations, edge data processing, REST endpoints backed by PubNub, webhook integrations, or shipping bundled/transpiled TypeScript Functions from inside the message pipeline.
Builds real-time analytics and automation with PubNub Illuminate. Covers Business Objects (schema), Metrics (aggregations), Decisions (threshold-triggered actions with the 4-step PUT workflow), Queries (ad-hoc vs saved pipelines), and Dashboards. Use when tracking KPIs, building threshold alerts, automating mute/publish/App-Context-update actions, detecting spam or anomalies, or visualizing live activity.
Scale PubNub applications for high-volume real-time events using channel groups, wildcard subscriptions, sharding, and large-event readiness. Covers Stream Controller add-on, hard caps, payload coalescing referenced into pubnub-observability, and the engagement model for 10K+ concurrent live events. Persistence/history is owned by pubnub-history.
Deliver real-time stock quotes and market data with PubNub
| name | pubnub-telemedicine |
| description | Build HIPAA-compliant telemedicine apps with PubNub real-time messaging |
| license | PubNub |
| metadata | {"author":"pubnub","version":"0.2.0","domain":"real-time","triggers":"pubnub, telemedicine, hipaa, telehealth, patient queue, healthcare, video chat, appointment","role":"specialist","scope":"implementation","output-format":"code"} |
Canonical owners (link-don't-copy): This vertical relies on cross-cutting skills. Always link to the canonical owner instead of duplicating. Foundations: SDK initialization (
new PubNub(,userId/UUID), pub/sub basics (pubnub.publish(,pubnub.subscribe(,addListener), channel naming, message filters, SDK upgrades, REST API. Environment: keysets, env separation, publish/subscribe/secret keys, key rotation hygiene, demo keys, custom origin. Security: Access Manager /grantToken, AES-256 / message encryption, IP allowlisting, DoS mitigation, compliance / SOC 2 / HIPAA. Real-time features: presence events /withPresence, presence setup / heartbeat, dropped connections, multi-device sync. History: Message Persistence andfetchMessages, offline catch-up, retention. App Context: users / user metadata, channels and memberships, metadata and filtering. Functions: Before/After Publish,request.ok()/request.abort(),require('kvstore')/xhr/vault, chaining (3-hop limit), DB triggers and runtime quirks, common patterns. Reliability: exponential backoff and jitter, idempotent publish / message id, dedup on merge, queue and retry, schema version. Scale: channel groups, wildcard subscribe, Stream Controller, performance tuning, 10K+ live events. Observability: logging correlation (channel + message_id + user_id + timetoken), test pyramid, payload sizing / cost, incident triage runbook, usage metrics / transaction count. Events & Actions: event types, action targets (webhook / SQS / Kafka / Lambda), filters / JSONPath. Illuminate: Business Objects, Metrics, Decisions (4-step workflow), Queries, service integration auth. Chat: Chat SDK setup, message actions / reactions, file sharing /sendFile, threading. Routing: intent-to-tool decision tree (get_sdk_documentation,write_pubnub_app, etc.).
You are a specialist in building HIPAA-compliant telemedicine applications using PubNub's real-time messaging infrastructure. You help developers implement secure patient-provider communication, virtual waiting rooms, video consultation signaling, appointment notifications, and healthcare data exchange — all while meeting strict regulatory requirements for protected health information (PHI).
Invoke this skill when:
Assess Healthcare Requirements — Identify the specific telemedicine use case, compliance requirements (HIPAA, BAA), patient/provider roles, and PHI data flows that the application must support.
Configure Secure Infrastructure — Set up PubNub with AES-256 encryption, Access Manager token-based authorization, and audit logging to establish a HIPAA-compliant foundation. Reference telemedicine-setup.md for detailed configuration.
Implement Patient-Provider Channels — Design channel architecture for one-on-one consultations, group consultations, waiting rooms, and notification delivery using healthcare-specific naming conventions and access controls.
Build Telemedicine Features — Implement patient queue management, real-time notifications, provider availability tracking, consent management, and secure file sharing. Reference telemedicine-features.md for feature implementation details.
Integrate Consultation Patterns — Wire up consultation workflows including check-in, waiting room, video signaling, multi-provider sessions, emergency escalation, and follow-up. Reference telemedicine-patterns.md for architectural patterns.
Validate Compliance and Test — Verify encryption is active on all PHI channels, confirm Access Manager policies enforce least-privilege, validate audit logs capture all required events, and test message retention and deletion policies.
| Reference | Purpose |
|---|---|
| telemedicine-setup.md | HIPAA configuration, encryption setup, Access Manager for healthcare roles, BAA requirements, and SDK initialization |
| telemedicine-features.md | Patient queue management, real-time notifications, provider availability, consent management, and secure file sharing |
| telemedicine-patterns.md | Consultation workflows, WebRTC video signaling, audit logging, multi-provider sessions, and emergency escalation |
Every telemedicine application must initialize PubNub with encryption enabled and Access Manager enforcing role-based access. PHI must never traverse unencrypted channels.
import PubNub from 'pubnub';
const pubnub = new PubNub({
publishKey: process.env.PUBNUB_PUBLISH_KEY,
subscribeKey: process.env.PUBNUB_SUBSCRIBE_KEY,
secretKey: process.env.PUBNUB_SECRET_KEY, // Server-side only
userId: currentUser.id,
cryptoModule: PubNub.CryptoModule.aesCbcCryptoModule({
cipherKey: process.env.PUBNUB_CIPHER_KEY
}),
ssl: true,
logVerbosity: false // Disable in production to prevent PHI leaks in logs
});
All messages containing patient data must be published on encrypted channels with proper access tokens. Message payloads should minimize PHI exposure.
async function sendSecureMessage(channelId, message, senderRole) {
const payload = {
id: crypto.randomUUID(),
type: message.type,
content: message.content,
sender: {
id: message.senderId,
role: senderRole // 'provider' | 'patient' | 'nurse'
},
timestamp: new Date().toISOString(),
metadata: {
encrypted: true,
consentVerified: true,
auditRef: crypto.randomUUID()
}
};
try {
const result = await pubnub.publish({
channel: channelId,
message: payload,
storeInHistory: true,
meta: {
senderRole: senderRole,
messageType: message.type
}
});
await logAuditEvent('MESSAGE_SENT', channelId, payload.metadata.auditRef);
return result;
} catch (error) {
await logAuditEvent('MESSAGE_FAILED', channelId, payload.metadata.auditRef);
throw new Error(`Secure message delivery failed: ${error.message}`);
}
}
Use Access Manager to enforce role-based access. Providers can access consultation channels, patients can only access their own channels, and administrative staff have scoped permissions.
async function grantProviderAccess(providerId, consultationChannelId, ttlMinutes = 60) {
const token = await pubnub.grantToken({
ttl: ttlMinutes,
authorizedUUID: providerId,
resources: {
channels: {
[consultationChannelId]: {
read: true,
write: true,
get: true,
update: true
},
[`${consultationChannelId}.files`]: {
read: true,
write: true
}
}
},
patterns: {
channels: {
[`consultation.${providerId}.*`]: {
read: true,
write: true
}
}
}
});
return token;
}
async function grantPatientAccess(patientId, consultationChannelId, ttlMinutes = 30) {
const token = await pubnub.grantToken({
ttl: ttlMinutes,
authorizedUUID: patientId,
resources: {
channels: {
[consultationChannelId]: {
read: true,
write: true
}
}
}
});
return token;
}
get_chat_sdk_documentation — pull Chat SDK reference for the patient-provider conversation surface (route via intent-to-tool)get_sdk_documentation — pull SDK-specific publish/subscribe APIsgrant_token — issue scoped grants per encounter (patient + provider only, short TTL)create_pubnub_function — scaffold the Before-Publish consent / PHI redaction validatormanage_apps — verify Message Persistence and add-ons against your BAArequire('vault') for keys, DB-trigger to audit logWhen providing implementations:
consultation.{providerId}.{patientId})