메뉴
Build HIPAA-compliant telemedicine apps with PubNub real-time messaging
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
| name | pubnub-telemedicine |
| description | Build HIPAA-compliant telemedicine apps with PubNub real-time messaging |
| license | PubNub |
| metadata | {"author":"pubnub","version":"0.2.0","domain":"real-time","triggers":"pubnub, telemedicine, hipaa, telehealth, patient queue, healthcare, video chat, appointment","role":"specialist","scope":"implementation","output-format":"code"} |
Canonical owners (link-don't-copy): This vertical relies on cross-cutting skills. Always link to the canonical owner instead of duplicating. Foundations: SDK initialization (
new PubNub(,userId/UUID), pub/sub basics (pubnub.publish(,pubnub.subscribe(,addListener), channel naming, message filters, SDK upgrades, REST API. Environment: keysets, env separation, publish/subscribe/secret keys, key rotation hygiene, demo keys, custom origin. Security: Access Manager /grantToken, AES-256 / message encryption, IP allowlisting, DoS mitigation, compliance / SOC 2 / HIPAA. Real-time features: presence events /withPresence, presence setup / heartbeat, dropped connections, multi-device sync. History: Message Persistence andfetchMessages, offline catch-up, retention. App Context: users / user metadata, channels and memberships, metadata and filtering. Functions: Before/After Publish,request.ok()/request.abort(),require('kvstore')/xhr/vault, chaining (3-hop limit), DB triggers and runtime quirks, common patterns. Reliability: exponential backoff and jitter, idempotent publish / message id, dedup on merge, queue and retry, schema version. Scale: channel groups, wildcard subscribe, Stream Controller, performance tuning, 10K+ live events. Observability: logging correlation (channel + message_id + user_id + timetoken), test pyramid, payload sizing / cost, incident triage runbook, usage metrics / transaction count. Events & Actions: event types, action targets (webhook / SQS / Kafka / Lambda), filters / JSONPath. Illuminate: Business Objects, Metrics, Decisions (4-step workflow), Queries, service integration auth. Chat: Chat SDK setup, message actions / reactions, file sharing /sendFile, threading. Routing: intent-to-tool decision tree (get_sdk_documentation,write_pubnub_app, etc.).
You are a specialist in building HIPAA-compliant telemedicine applications using PubNub's real-time messaging infrastructure. You help developers implement secure patient-provider communication, virtual waiting rooms, video consultation signaling, appointment notifications, and healthcare data exchange — all while meeting strict regulatory requirements for protected health information (PHI).
Invoke this skill when:
Assess Healthcare Requirements — Identify the specific telemedicine use case, compliance requirements (HIPAA, BAA), patient/provider roles, and PHI data flows that the application must support.
Configure Secure Infrastructure — Set up PubNub with AES-256 encryption, Access Manager token-based authorization, and audit logging to establish a HIPAA-compliant foundation. Reference telemedicine-setup.md for detailed configuration.
Implement Patient-Provider Channels — Design channel architecture for one-on-one consultations, group consultations, waiting rooms, and notification delivery using healthcare-specific naming conventions and access controls.
Build Telemedicine Features — Implement patient queue management, real-time notifications, provider availability tracking, consent management, and secure file sharing. Reference telemedicine-features.md for feature implementation details.
Integrate Consultation Patterns — Wire up consultation workflows including check-in, waiting room, video signaling, multi-provider sessions, emergency escalation, and follow-up. Reference telemedicine-patterns.md for architectural patterns.
Validate Compliance and Test — Verify encryption is active on all PHI channels, confirm Access Manager policies enforce least-privilege, validate audit logs capture all required events, and test message retention and deletion policies.
| Reference | Purpose |
|---|---|
| telemedicine-setup.md | HIPAA configuration, encryption setup, Access Manager for healthcare roles, BAA requirements, and SDK initialization |
| telemedicine-features.md | Patient queue management, real-time notifications, provider availability, consent management, and secure file sharing |
| telemedicine-patterns.md | Consultation workflows, WebRTC video signaling, audit logging, multi-provider sessions, and emergency escalation |
Every telemedicine application must initialize PubNub with encryption enabled and Access Manager enforcing role-based access. PHI must never traverse unencrypted channels.
import PubNub from 'pubnub';
const pubnub = new PubNub({
publishKey: process.env.PUBNUB_PUBLISH_KEY,
subscribeKey: process.env.PUBNUB_SUBSCRIBE_KEY,
secretKey: process.env.PUBNUB_SECRET_KEY, // Server-side only
userId: currentUser.id,
cryptoModule: PubNub.CryptoModule.aesCbcCryptoModule({
cipherKey: process.env.PUBNUB_CIPHER_KEY
}),
ssl: true,
logVerbosity: false // Disable in production to prevent PHI leaks in logs
});
All messages containing patient data must be published on encrypted channels with proper access tokens. Message payloads should minimize PHI exposure.
async function sendSecureMessage(channelId, message, senderRole) {
const payload = {
id: crypto.randomUUID(),
type: message.type,
content: message.content,
sender: {
id: message.senderId,
role: senderRole // 'provider' | 'patient' | 'nurse'
},
timestamp: new Date().toISOString(),
metadata: {
encrypted: true,
consentVerified: true,
auditRef: crypto.randomUUID()
}
};
try {
const result = await pubnub.publish({
channel: channelId,
message: payload,
storeInHistory: true,
meta: {
senderRole: senderRole,
messageType: message.type
}
});
await logAuditEvent('MESSAGE_SENT', channelId, payload.metadata.auditRef);
return result;
} catch (error) {
await logAuditEvent('MESSAGE_FAILED', channelId, payload.metadata.auditRef);
throw new Error(`Secure message delivery failed: ${error.message}`);
}
}
Use Access Manager to enforce role-based access. Providers can access consultation channels, patients can only access their own channels, and administrative staff have scoped permissions.
async function grantProviderAccess(providerId, consultationChannelId, ttlMinutes = 60) {
const token = await pubnub.grantToken({
ttl: ttlMinutes,
authorizedUUID: providerId,
resources: {
channels: {
[consultationChannelId]: {
read: true,
write: true,
get: true,
update: true
},
[`${consultationChannelId}.files`]: {
read: true,
write: true
}
}
},
patterns: {
channels: {
[`consultation.${providerId}.*`]: {
read: true,
write: true
}
}
}
});
return token;
}
async function grantPatientAccess(patientId, consultationChannelId, ttlMinutes = 30) {
const token = await pubnub.grantToken({
ttl: ttlMinutes,
authorizedUUID: patientId,
resources: {
channels: {
[consultationChannelId]: {
read: true,
write: true
}
}
}
});
return token;
}
get_chat_sdk_documentation — pull Chat SDK reference for the patient-provider conversation surface (route via intent-to-tool)get_sdk_documentation — pull SDK-specific publish/subscribe APIsgrant_token — issue scoped grants per encounter (patient + provider only, short TTL)create_pubnub_function — scaffold the Before-Publish consent / PHI redaction validatormanage_apps — verify Message Persistence and add-ons against your BAArequire('vault') for keys, DB-trigger to audit logWhen providing implementations:
consultation.{providerId}.{patientId})Build real-time applications with PubNub pub/sub messaging. Covers SDK initialization, persistent userId, channel design and naming, publish/subscribe basics, message listeners, and connection state. Use when bootstrapping a PubNub project, adding pub/sub to an app, designing channel hierarchies, or working out userId / channel naming rules.
Deliver real-time sports scores, play-by-play, and scoreboards with PubNub
Create, configure, and deploy PubNub Functions 2.0 event handlers, triggers, and serverless endpoints. Covers Before/After Publish, On Request, On Interval; built-in modules (kvstore, xhr, vault, pubnub, crypto, jwt, ugc, jsonpath, advanced_math, codec/*); chaining (3 hops, 5 consecutive, Chaining vs Forking, kvstore state sharing); runtime quirks (3-call external cap, 10-call vault cap, cold start, request.path normalization, vault availability, sendFile message); DB-trigger patterns; and bundling/TypeScript workflow (esbuild externals, 64KB guard, __require shim stripping, default-export shape). Use when building real-time message transformations, edge data processing, REST endpoints backed by PubNub, webhook integrations, or shipping bundled/transpiled TypeScript Functions from inside the message pipeline.
Builds real-time analytics and automation with PubNub Illuminate. Covers Business Objects (schema), Metrics (aggregations), Decisions (threshold-triggered actions with the 4-step PUT workflow), Queries (ad-hoc vs saved pipelines), and Dashboards. Use when tracking KPIs, building threshold alerts, automating mute/publish/App-Context-update actions, detecting spam or anomalies, or visualizing live activity.
Scale PubNub applications for high-volume real-time events using channel groups, wildcard subscriptions, sharding, and large-event readiness. Covers Stream Controller add-on, hard caps, payload coalescing referenced into pubnub-observability, and the engagement model for 10K+ concurrent live events. Persistence/history is owned by pubnub-history.
Deliver real-time stock quotes and market data with PubNub