Healthcare case study

HIPAA-aligned patient self-service portal on Power Pages with Dataverse + FHIR

A multi-clinic group launched appointment booking, e-forms, lab results and bill pay on Power Pages, with Azure API for FHIR brokering EHR integration. 60% query deflection and 4.7/5 patient rating.

The Challenge

Where the customer was when they called us

A 9-clinic specialty group was drowning in inbound calls: appointments, intake forms, lab queries and bill pay all routed through one front-desk team. Patients waited 3-7 minutes on hold; receptionists faxed forms because the EHR did not expose secure web upload. Cancellation rates were creeping up because reminders went out only once, via SMS.

The group wanted a branded, HIPAA-aligned patient portal that handled the top 5 self-service tasks — without ripping out the existing EHR, and without storing PHI in a SaaS form-builder of unknown provenance.

What we built

The solution architecture

  • Power Pages portal with patient identity via Microsoft Entra External ID + MFA on first login.
  • Appointment booking for 24 specialist calendars, with provider-specific slot rules.
  • Intake e-forms (PHQ-9, GAD-7, intake history) stored in Dataverse with audit logging.
  • Lab-result viewer pulling from the EHR via Azure API for FHIR (HL7 FHIR R4).
  • Bill pay through a regional gateway with PCI-DSS-tokenized cards (no PAN ever enters our environment).
  • SMS + email reminders 7d / 24h / 2h ahead via Power Automate; smart re-booking flow on cancel.
  • Per-record encryption at rest in Dataverse; private endpoint for the FHIR API; full audit log in Microsoft Purview.

Outcomes

What changed for the business

All numbers anonymized and rounded. Detailed reference call available under NDA.

  • 60%: Inbound query deflection (top 5 tasks moved to portal)
  • 4.7/5: Patient satisfaction rating (in-portal feedback prompt)
  • -44%: No-show rate (after 3-stage reminder flow)
  • 0: PHI security incidents (in 12 months post-launch)

Tech stack

Built on Microsoft Cloud

The full Microsoft estate — no proprietary lock-in beyond what the customer already runs.

  • Power Pages
  • Microsoft Entra External ID
  • Dataverse
  • Azure API for FHIR
  • Power Automate
  • Microsoft Purview
  • Azure Key Vault
  • Application Insights

Why KIT

What made the engagement work

  • HIPAA-aligned reference architecture used as the project starting point — no greenfield risk.
  • Joint design sessions with clinical staff to ensure the portal matched real triage workflows.
  • Quarterly access reviews and annual penetration testing baked into the run-mode contract.
