Stop Putting Health Data in the Cloud by Default
Most health apps start with the wrong assumption.
They assume the user is stable.
Stable enough to create an account. Stable enough to manage passwords. Stable enough to understand privacy settings. S
blog.paintracker.ca, 5 min read
Technical stack behind this build, for anyone who wants to dig in:
PWA (installable, offline behavior via manifest + service worker)
IndexedDB for local structured storage — entries stay on device by default
Service Worker for static asset caching and offline reliability
Web Crypto for client-side encryption paths
User-initiated export instead of forced cloud sync
No required account for the core tracker
The stack decisions are not just technical preferences. Each one is a response to a specific failure mode.
IndexedDB instead of a remote database: if the server goes down, the user does not lose access to their own health records.
No required account: a user in a flare at 2am can log symptoms without a password reset flow blocking them.
User-controlled export: the user owns the data format, not the platform.
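One way the Web Crypto and user-controlled export pieces can fit together, as an added example that is not the project's own code: the export is encrypted on the device with a key derived from a passphrase the user chooses, and a wrong passphrase or a modified file is rejected on import. The algorithms (PBKDF2-SHA-256, AES-256-GCM), the iteration bounds, the bundle layout and the entry fields are assumptions, not taken from the post.

```javascript
// Added example, not the project's code. Assumed choices: PBKDF2-SHA-256 and AES-256-GCM;
// the bundle layout and entry fields are hypothetical.
const wc = globalThis.crypto ?? (typeof require === 'function' ? require('node:crypto').webcrypto : undefined);
const enc = new TextEncoder(), dec = new TextDecoder();
const PBKDF2_ITERATIONS = 600000; // assumed work factor; tune for the slowest target device
const SAMPLE_ENTRIES = [{ at: '2024-01-01T02:00:00Z', pain: 7, note: 'flare, 2am' }]; // constructed

const toB64 = (u8) => { let s = ''; for (const b of u8) s += String.fromCharCode(b); return btoa(s); };
const fromB64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

async function deriveKey(passphrase, salt, iterations) {
  const material = await wc.subtle.importKey('raw', enc.encode(passphrase), 'PBKDF2', false, ['deriveKey']);
  return wc.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']); // key is non-extractable
}

async function exportEncrypted(entries, passphrase, iterations = PBKDF2_ITERATIONS) {
  const salt = wc.getRandomValues(new Uint8Array(16));
  const iv = wc.getRandomValues(new Uint8Array(12)); // fresh per export, never reused with the same key
  const key = await deriveKey(passphrase, salt, iterations);
  const header = { v: 1, kdf: 'PBKDF2-SHA-256', iterations, salt: toB64(salt), iv: toB64(iv) };
  const aad = enc.encode(JSON.stringify(header)); // header is authenticated along with the data
  const ct = await wc.subtle.encrypt({ name: 'AES-GCM', iv, additionalData: aad }, key,
    enc.encode(JSON.stringify(entries)));
  return JSON.stringify({ header, ciphertext: toB64(new Uint8Array(ct)) });
}

async function importEncrypted(bundleText, passphrase) {
  const { header, ciphertext } = JSON.parse(bundleText);
  // Bound the KDF cost a crafted file can request before doing any work.
  if (header.v !== 1 || !Number.isInteger(header.iterations) ||
      header.iterations < 100000 || header.iterations > 5000000) {
    throw new Error('unsupported export header');
  }
  const key = await deriveKey(passphrase, fromB64(header.salt), header.iterations);
  const aad = enc.encode(JSON.stringify(header));
  try {
    const pt = await wc.subtle.decrypt({ name: 'AES-GCM', iv: fromB64(header.iv), additionalData: aad },
      key, fromB64(ciphertext));
    return JSON.parse(dec.decode(pt));
  } catch {
    // AES-GCM tag check failed: the two causes are indistinguishable by design.
    throw new Error('wrong passphrase or modified export file');
  }
}
```

There is no recovery path if the passphrase is lost, which is a design trade-off to surface to the user at export time.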
The bigger design question I am still working through: what does "safe to fail" actually mean for software used by people who are already in pain, cognitively impaired, or under medical or legal pressure?
That is the question I want feedback on most.