da Vinci
Empowering surgical precision worldwide
Overview
The da Vinci platform is the world's most-used robotic surgery system. I built the mobile and web companion apps that surgeons use to track procedures, manage OR schedules, and review outcomes — deployed across thousands of hospitals globally under strict HIPAA and medical-device compliance. Work spanned React Native, Ionic + Angular, and an AWS serverless backend, all designed so that unreliable hospital WiFi never blocks a surgeon in the OR.
The Challenge
Operating rooms are the worst environment for a connected app. WiFi is shielded or overloaded, surgeons can't wait for a spinner, and every byte of PHI is regulated. The legacy web app broke offline, took too long on reconnect, and its auth model couldn't meet HIPAA session rules without frustrating the people who actually use it.
The Solution
Shipped an offline-first architecture where local is the source of truth and sync is a background concern. WatermelonDB provided observable queries and conflict-free merges across devices. OKTA SSO with biometric unlock met HIPAA session requirements without dragging surgeons through passwords at every pause. Everything that touched PHI was encrypted at rest, pinned in transit, and scoped to short-lived sessions.
Architecture
Offline-first mobile and web apps on top of an AWS serverless backend. Every layer — auth, storage, sync, network — is hardened for HIPAA, and the app is usable with zero connectivity.
Key Decisions & Tradeoffs
Offline-first, not offline-fallback
Why: OR networks are unreliable by design — shielded rooms, RF interference, hospital VLANs. Treating offline as the primary mode rather than a fallback kept surgeons unblocked and eliminated entire classes of sync-state bugs.
WatermelonDB over plain SQLite
Why: Needed conflict-free sync across multiple devices per surgeon and observable queries for reactive UI. WatermelonDB's sync primitives removed the hand-rolled merge logic that plagued the previous Cordova app.
OKTA SSO with biometric unlock on resume
Why: HIPAA dictates session length and forced re-auth. Biometric unlock on every resume kept the friction low enough that surgeons didn't work around security, which is the usual failure mode in clinical software.
SSL pinning with a certificate rotation playbook
Why: Medical data over hospital networks can't trust the network. Pinning the server's public key defeats interception with certificates the pin set doesn't cover, whichever CA issued them. But pinning without a rotation playbook is how apps brick themselves on expiry day: the pin set has to carry a backup pin for the next key, and the app has to know what to do when its pin set is older than the rotation. Both had to ship together.
AWS serverless for the backend
Why: Small team, global deployment, bursty hospital traffic. Lambda + DynamoDB + S3 kept cost aligned with usage, passed HIPAA attestation out of the box, and let the mobile team ship backend changes without a dedicated ops rotation.
What I took away from this project
Lessons that still shape how I build — in my own words.
Offline-first changed how I design every app since
Before da Vinci, I treated offline as a fallback mode — something to patch in if users complained. Working in ORs taught me that offline should be the primary mode on anything that touches real-world workflows. The moment you flip that switch, entire classes of sync-state bugs disappear, and the app feels faster even when the network is perfect.
Security that gets in the way will be worked around
The usual failure mode in clinical software isn't that security is too weak — it's that it's so friction-heavy surgeons share accounts, write passwords on whiteboards, or leave sessions unlocked. Biometric unlock on resume gave us HIPAA-compliant session rules without the friction, and actual compliance went up because the humans cooperated with the system instead of fighting it.
Certificate pinning without a rotation playbook is a loaded gun
We shipped SSL pinning early to stop MITM on hospital networks. A few months in, I realized we had no plan for the day the cert rotated. Pinning without a rotation runbook is how apps brick themselves on expiry day. Now I treat the rotation playbook as part of the feature, not documentation you write later.
Want something like this, built for you?
If the da Vinci story sounds close to what you're trying to ship, a 30-min call is the fastest way to find out if we're a fit.