Need an extra page/form added before checkout

Hey Everyone,

I have recently opened an online pharmacy and I need a page/form to be added to OpenCart that collects a customers medical data/history and stores it to a database before they complete the checkout process. I would like for this page/form to appear just before they are redirected to my payment services provider. Of course I am going to need access to this information so that our contracted physician can review it. I'm not really sure where this information could be stored though. Somewhere in the admin panel I assume....

Additionally, I would like for this information to be stored in the customer's account, so that they can edit it in the future from their user account if needs be.

My payment services provider has contacted me and told me that I have to collect the following information from my customer:

Provide an area/form to clients prior to purchase to provide the following information:

-Patient vitals (sex, weight, height, date of birth)
-Current medical condition
-Current intake of prescribed/herbal medications
-History of cosmetic/necessary surgery
-Current medical allergies
-Illness and medical history (lifetime and parental)
-Purpose of medication purchase
-Contact information of patient's overseeing physician
-Prescription upload option

Anybody who feels like they might be able to help me with this please feel free to respond or PM me. Of course I am willing to pay for the time and development of this.

Thanks!

I would be VERY careful with this one if I were you. This is very much in the domain of HIPAA and there are tons of regulations around that. First off I guarantee it will have to be encrypted both during transport SSL as well as before it's stored in the db (this is not typical opencart behavior) Also I would imagine there would have to be some additional security measures put in place in how the data is accessed. I would go find a HIPAA expert before I even started this to find out what all the requirements are going to be as well as a lawyer as I'm sure there's a ton of legal verbiage that will have to be there too.

Unless, of coarse, you are an offshore pharmacy......send me the link and the "password" when you're up and running!

</sarcasm>

Xsecrets wrote:I would be VERY careful with this one if I were you. This is very much in the domain of HIPAA and there are tons of regulations around that. First off I guarantee it will have to be encrypted both during transport SSL as well as before it's stored in the db (this is not typical opencart behavior) Also I would imagine there would have to be some additional security measures put in place in how the data is accessed. I would go find a HIPAA expert before I even started this to find out what all the requirements are going to be as well as a lawyer as I'm sure there's a ton of legal verbiage that will have to be there too.

Thank you for the information Xsecrets. It is really helpful.

nayand wrote:Unless, of coarse, you are an offshore pharmacy......send me the link and the "password" when you're up and running!

</sarcasm>

We are an online pharmacy if that's what you are referring to.

But nah, I don't think i'll be sending you a link and a password. I very much appreciate Xsecrets words of advice. I am opening a legitimate business, and the information Xsecrets supplied is really helpful and of course I am going to make sure that we are HIPAA compliant because I take privacy concerns seriously!