← All work

Healthcare software, Eltrus Limited

Medical Database

The practice-management system a surgical clinic actually runs on: patient records, a surgery queue, and audit trails that have to be right the first time.

Role
Sole developer
In production
Since October 2025
Stack
React, Supabase
The patient search screen of the practice-management system, logged in as a test auditor account, with a placeholder example query
Patient search, the screen the front desk lives in. Shown here on a test account with demo data only.
patients tracked
~400
access roles
4
backend services
11
live in daily use since
Oct 2025

Software a clinic depends on

This is the unglamorous kind of project I like most: a real surgical clinic opens this system every morning and uses it to run the day. It holds roughly 400 patient records and the scheduling, procedures, and billing wrapped around them. When it is wrong, someone’s appointment is wrong, so the whole thing is built to be boring on purpose.

I built and maintain it solo under Eltrus Limited. It has been in production since October 2025, and the brief was never “make it clever”. It was “make it dependable”, which is a different and harder problem.

The surgery queue

The queue is the heart of it. Every patient awaiting a procedure sits in one list, sorted by how overdue they are, so nobody quietly slips off the end. The clinic can sort by surgery date, name, or priority, and the queue colour-codes urgency from overdue down through urgent, moderate, scheduled, and not-yet-scheduled.

Around it sits a statistics dashboard for wait times, procedures by type and by consultant, and outcome distribution. It turns a spreadsheet’s worth of guesswork into something the clinic can actually read at a glance.

Patient search interface showing a clean search field with a demo placeholder query and an empty results state

Search resolves a patient by number, name, or date of birth and picks the best match automatically.

The patient registry screen of the practice-management system on a clean light interface

The registry view, built for speed at the front desk rather than for a demo.

Who can see what

Patient data means access control is not optional. Four roles draw the lines: an auditor who can see everything including the audit log, a superadmin who manages users and can delete records, a sub-admin who edits but cannot delete, and a read-only user who can only look patients up.

Those rules are enforced in the database itself with Postgres row-level security, not just hidden in the UI, so a missing button is never the only thing standing between someone and a record they should not see.

Auditable by design

Nothing is ever truly deleted. Every removal is a soft delete with a timestamp, and a dedicated audit log records who touched what and when. In a clinical setting that is the difference between “we think that record changed” and “here is exactly when, and by whom”.

The backend is split into eleven small Supabase services, one each for patients, treatments, investigations, comments, queues, statistics, imports, exports, users, and the rest, with validation on every endpoint. It is deliberately unexciting plumbing, which is exactly what you want under something people trust with their patients.

React 19 TypeScript Supabase Postgres + RLS Edge Functions TanStack Query Zod validation
← All work Next project

ForceField →