Emergency Intake QR Code
When a patient presents at an ER, their recovery team should know — and the ER should have context. No phone calls. No faxes. One scan.
Coming Soon • Requires Legal Review
The Problem
When a patient in recovery presents at an emergency room, two things go wrong: the ER has zero context about their recovery program, and their clinician has no idea their patient is in crisis. By the time anyone makes a phone call or sends a fax, the moment has passed.
Phase 1 — Setup (During Onboarding)
┌──────────────┐ ┌──────────────┐ ┌──────────────┐
│ PATIENT │ │ ORBIIT │ │ OUTPUT │
│ │ │ │ │ │
│ Opts in to │───────>│ Validates │───────>│ QR code on │
│ emergency │ │ consent per │ │ dashboard │
│ sharing │ │ 42 CFR §2.31│ │ │
│ │ │ │ │ Printable │
│ Signs │ │ Scopes data │ │ wallet card │
│ consent │ │ fields │ │ │
└──────────────┘ └──────────────┘ └──────────────┘
│ │
└──── Can revoke anytime ── QR deactivated ─────┘
Phase 2 — Emergency Intake
┌──────────────┐ ┌──────────────┐ ┌──────────────┐
│ ER INTAKE │ │ ORBIIT │ │ CARE TEAM │
│ │ │ │ │ │
│ Scans QR │───────>│ Verifies │───────>│ Clinician │
│ at intake │ │ facility │ │ notified │
│ │ │ credentials │ │ immediately │
│ │<───────│ │ │ │
│ Sees scoped │ │ Logs access │ │ Contacts ER │
│ emergency │ │ to audit │ │ to │
│ view: │ │ trail │ │ coordinate │
│ │ │ │ │ │
│ · Program │ │ Notifies │ │ │
│ day │ │ patient of │ │ │
│ · SOBER │ │ data access │ │ │
│ trend │ │ │ │ │
│ · Care team │ │ │ │ │
│ contact │ │ │ │ │
│ · Meds (if │ │ │ │ │
│ consented)│ │ │ │ │
└──────────────┘ └──────────────┘ └──────────────┘
What ER Staff See (Scoped View)
- Program status — “Day 87 of 180” with current SOBER Score trend (last 7 days)
- Care team contacts — clinician name, phone, and clinic for immediate coordination
- Emergency contact — patient’s designated contact person
- Medications — if patient consented to share (MAT, psychiatric meds)
- Crisis history — last 30 days of crisis alerts
- Allergies and contraindications — if captured in the system
What ER Staff Do NOT See
- No session notes — clinical documentation stays between patient and clinician
- No diagnosis codes — treatment plans are not exposed
- No course content or quiz responses — engagement data only shown as SOBER Score
- No interested party information — family/sponsor access is separate
42 CFR Part 2 — the critical constraint. SUD treatment records have stricter sharing rules than HIPAA. There is no Treatment/Payment/Operations exception. Patient consent is mandatory for every disclosure. Our approach: pre-authorized consent signed during onboarding, revocable at any time with one tap. This avoids relying on the narrow medical emergency exception (§2.51) and gives patients control — which is therapeutic.
Patient Controls
- Opt-in consent from dashboard — never default-on
- View scan history — see every time the QR code was accessed, by whom
- Revoke with one tap — QR code deactivated immediately, all tokens invalidated
- Re-enroll anytime — new consent, new QR code
Open Questions
- Facility enrollment — how do we verify the scanning provider is a legitimate enrolled facility?
- Consent renewal — annual renewal or tied to program enrollment period?
- QR code rotation — regenerate periodically for security, or static with token-based access?
- BAA requirements — do we need a Business Associate Agreement with each enrolled facility?
- Legal review — consent form language must be reviewed by a healthcare attorney specializing in SUD
Why pre-authorized consent matters: In recovery, agency is therapeutic. Giving patients control over who can access their data — even in an emergency — reinforces autonomy. A patient who knows exactly what will be shared, and can revoke it at any time, is more likely to opt in.