Medova
A travel medicine platform available in 15 languages. Vaccination requirements for 231 countries, over 600k health records from official WHO and CDC sources, GDPR and WCAG as standard.
Compliance:
- WCAG
- RODO
- MDR
What we delivered
Key features
- Vaccination requirements for 231 countries: 412 verified policies based on WHO and CDC
- Over 600k health records aggregated from 10 official sources
- Disease outbreak alerts refreshed every 6 hours
- 15 language versions with translated URLs, including Arabic (RTL)
- Travel medicine clinic finder with online appointment booking
- Formal SaMD assessment per MDCG 2019-11: deliberately outside MDR scope
- GDPR in practice: 670 RLS policies, encryption, automated data retention
- Nearly 8k tests and performance budgets enforced in CI
Challenge
Before traveling to a tropical country, you need to know which vaccinations are required or recommended. That information is scattered across many sources, often outdated, and written in language that confuses more than it explains. Travelers search forums, call health offices, and ask friends.
On the other side are travel medicine clinics. They have the knowledge and open slots, but no tool that brings the patient to them at the exact moment a trip is being planned.
What we built
Medova connects both sides. A traveler picks a destination and immediately sees which vaccinations are required and recommended for that country, based on official WHO and CDC guidance. Then they find the nearest travel medicine clinic and book a visit online. The whole journey from "I am going to Thailand, what do I need to do" to a booked appointment closes in one place.
The platform has been publicly available since April 2026 in 15 language versions, with a knowledge base of over 9,000 pages covering countries, diseases, and vaccinations.
The platform in numbers (as of April 2026)
- 231 countries, 46 diseases and 46 vaccines, with a full hierarchy of commercial products, variants, schedules, and doses underneath
- 412 verified country-vaccine policies, each with a source and last verification date
- Over 600,000 health records: per-country risks, disease statistics, travel advisories, and climate data
- 10 official data sources, including WHO, CDC, government advisories from the US, Canada, and the UK, and the World Bank, refreshed automatically on cycles from 6 hours to a week
- 15 languages with translated URLs, including Arabic with RTL layout
The hardest problem: the world's vaccinations in one schema
The world has no single format for health guidance. The same vaccination is an entry requirement in one country, a recommendation in another, and a condition for selected regions in a third. We normalized it into a hierarchy from vaccine, through commercial products and schedules, down to individual doses, together with proof requirements, certificate validity, and age restrictions.
Every record carries full provenance: source, link, and last verification date. Data quality was enforced through a series of 18 audit migrations that removed duplicates and incorrect policies.
Regulations as the foundation, not an afterthought
Health data is a special category of data under GDPR, so protection is built into the architecture: 670 Row Level Security policies, AES-256 encryption, IP address hashing with key rotation, and automated retention that deletes health data after 90 days. Users get a self-service panel for their data, and we completed a Data Protection Impact Assessment (DPIA) before the platform went public.
We treated the MDR 2017/745 boundary formally: every feature went through a SaMD qualification assessment based on the MDCG 2019-11 guidance. We deliberately dropped a personalized health score, because it would fall into class IIa medical devices. Medova presents official guidance and educates, while clinical decisions always stay with the doctor. Every new feature touching patient data passes through a regulatory gate.
Accessibility and performance are enforced in CI: Lighthouse budgets of at least 0.90 for accessibility and SEO block a deployment if a page breaks them.
The engineering you do not see
Underneath runs a PostgreSQL database with 259 tables, developed through more than 900 versioned migrations. The code is guarded by nearly 8,000 tests, from unit tests, through Playwright on five browser environments, to mutation testing. Translations are supported by our own AI pipeline with quality control for every record.
What is next
We are finishing the full appointment booking flow and preparing a pilot with the first clinics. Medova is our own product, so everything we learn building it about healthcare software flows back into our client projects.
Technology stack
Technologies
Regulatory compliance
- WCAG
- RODO
- MDR
Screenshots
Gallery
Live
See the project live
medova.health