The Complex Patient
An offline-first, zero-knowledge health platform for people living with rare, overlapping, and hard-to-pin-down conditions. Your data stays encrypted on your device — the server never sees plaintext.
Why zebras
Built for patients who don’t fit the textbook
In medicine, trainees are taught: when you hear hoofbeats, think horses, not zebras. But for millions of people with rare, multisystem, or misdiagnosed conditions, they are the zebra — complex, unique, and poorly served by one-size-fits-all tools.
The Complex Patient is privacy-first infrastructure for that reality: track medications, symptoms, conditions, flares, and how they connect — with end-to-end encryption and offline access, so your story stays yours.
Zero-knowledge by design. Plaintext health data never leaves your device. The server stores only opaque encrypted blobs — even a full breach cannot reveal your PHI, passphrase, or keys.
Production: Web app · WordPress site · Architecture docs
Start here
Architecture
How encryption, local storage, sync, and the blind WordPress backend fit together.
Web app
The encrypted client at /secure on thecomplexpatient.com.
Developer setup
Run the WordPress sync plugin locally and connect the Expo client.
Expo monorepo
Apps, shared packages, crypto engine, sync worker, and UI.
Core guarantee
Plaintext health data never leaves your device. Two separate credentials protect different things:
| Credential | Purpose |
|---|---|
| WordPress login | Authenticates sync to the backend |
| Master passphrase | Encrypts and decrypts your vault — never sent to the server |
Signing in does not unlock your vault. Unlock requires your passphrase (or biometrics on native devices).