Case Study · Therapy and sensory clinic
A private healthcare platform for families, clinicians, and administrators, built around trust, secure records, and practical daily workflows.

Portal roles: 4
Document storage: Private + signed
Deployment tests: 82
Sensphere is a specialist therapy and sensory clinic founded by Cherif Larbaoui. The clinic works with children and families navigating sensory, developmental, and emotional challenges. Parents researching support for their children are often under significant stress. They need clarity fast, and they need to feel they have found somewhere that understands the weight of what they are dealing with.
For a clinical practice, the public website has to communicate expertise and warmth quickly enough that an anxious parent stays, reads, and takes the step of making contact. It also has to project enough professional credibility for a referral from a GP or school to feel appropriate.
The operational problem ran deeper than the public site. Sensphere needed to manage referrals, intake documentation, client records, appointments, invoices, and secure communications in a way that was compliant with data protection obligations and practical for a small clinical team to use every day. Stitching together email threads, paper forms, spreadsheets, and disconnected tools would have created administrative overhead and a compliance posture that was difficult to audit.
The public site and operational platform were designed together rather than separately. Building the website first and the portal later would have produced two things that worked independently but felt disconnected. Building them as a single application from day one meant every design decision about the public site was informed by the full picture of how the practice operates.
The public site was structured around the needs of a parent discovering the clinic for the first time: what the clinic does, which children it helps, how the assessment process works, and how to make contact or request a referral. The three-pillar service model was brought forward as the organising framework because it mirrors the way parents think about their child's needs.
Security and data compliance were treated as architectural decisions. The clinic works with sensitive child and family information, so a breach or compliance failure would not be a minor business inconvenience. Every part of the platform that touches personal data was built with that responsibility in mind.
The platform runs on Next.js 16 with the App Router, React 19, TypeScript, and Tailwind CSS 4, with Sanity CMS providing content management for the public site. The client portal uses Clerk authentication with four role types covering clients, staff, admin, and editorial access.
Prisma handles the database layer across 30 models covering intake, documents, messages, milestones, referrals, appointments, invoices, audit events, GDPR flows, and portal settings. Documents are stored privately on Vercel Blob with signed download tokens and audit trail logging. Stripe handles invoice checkout and webhook payment events. Resend handles transactional and contact email. Upstash Redis provides rate limiting across API routes.
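One way a signed download token with audit logging can work, as an added example rather than the platform's own code: the token format, function names, and in-memory `auditLog` are assumptions, using an HMAC-SHA256 signature over the document id, user id, and expiry.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// Hypothetical token and audit shapes; the platform's real format is not shown on the page.
interface Verdict { ok: boolean; outcome: string; documentId: string | null }
interface AuditEvent { action: string; documentId: string; requesterId: string; outcome: string; at: number }

const auditLog: AuditEvent[] = []; // stand-in for a database audit table

function mac(secret: string, data: string): string {
  return createHmac("sha256", secret).update(data).digest("base64url");
}

// Token = base64url(JSON claims) + "." + HMAC-SHA256 over the encoded claims.
function issueDownloadToken(secret: string, documentId: string, userId: string, nowMs: number, ttlMs: number): string {
  const claims = Buffer.from(JSON.stringify({ documentId, userId, exp: nowMs + ttlMs })).toString("base64url");
  return `${claims}.${mac(secret, claims)}`;
}

function checkToken(secret: string, token: string, requesterId: string, nowMs: number): Verdict {
  const deny = (outcome: string, documentId: string | null = null): Verdict => ({ ok: false, outcome, documentId });
  const parts = token.split(".");
  if (parts.length !== 2) return deny("malformed");
  const expected = Buffer.from(mac(secret, parts[0]));
  const given = Buffer.from(parts[1]);
  // timingSafeEqual throws on unequal lengths, so check length first.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return deny("bad-signature");
  // Claims are parsed only after the signature has been verified.
  const { documentId, userId, exp } = JSON.parse(Buffer.from(parts[0], "base64url").toString("utf8"));
  if (nowMs >= exp) return deny("expired", documentId);
  if (userId !== requesterId) return deny("wrong-user", documentId);
  return { ok: true, outcome: "granted", documentId };
}

// Every attempt, granted or refused, leaves an audit event.
function verifyDownloadToken(secret: string, token: string, requesterId: string, nowMs: number): Verdict {
  const verdict = checkToken(secret, token, requesterId, nowMs);
  auditLog.push({
    action: "document.download",
    documentId: verdict.documentId ?? "unknown",
    requesterId,
    outcome: verdict.outcome,
    at: nowMs,
  });
  return verdict;
}
```

Binding the token to the requesting user means a link forwarded to another account is refused, and the refusal itself is recorded.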
Observability was built in from the start. Sentry monitors server, client, and edge surfaces. Analytics runs through consent-gated GA4 and Meta Pixel with route policies that prevent tracking from firing in portal, admin, or studio areas where clinical data is present.
Production hardening covers CSP nonces, CSRF tokens, no-store cache headers on portal routes, environment validation on startup, and a CI pipeline running lint, formatting, typecheck, security audit, unit tests with coverage, Playwright tests over full user flows, and Axe accessibility checks.
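A route policy of the kind described above, covering both the analytics exclusion and the no-store header, as an added example rather than the platform's own code: the prefix list, the consent categories, and the function names are assumptions. The path is normalised before matching so that encoded, mixed-case, or dot-segment variants of a portal path cannot slip past the check.

```typescript
// Assumed prefixes for the areas the page names: portal, admin, studio.
const SENSITIVE_PREFIXES = ["/portal", "/admin", "/studio"];

interface Consent { analytics: boolean; marketing: boolean } // assumed consent categories

// Returns a canonical lower-case path, or null if the path cannot be decoded.
function normalisePath(raw: string): string | null {
  let path: string;
  try {
    path = decodeURIComponent(raw.split(/[?#]/)[0]);
  } catch {
    return null;
  }
  const segments: string[] = [];
  for (const seg of path.toLowerCase().split("/")) {
    if (seg === "" || seg === ".") continue; // collapses "//" and "/./"
    if (seg === "..") segments.pop();
    else segments.push(seg);
  }
  return "/" + segments.join("/");
}

function isSensitive(raw: string): boolean {
  const path = normalisePath(raw);
  if (path === null) return true; // fail closed: an undecodable path is treated as sensitive
  // Match whole segments, so "/portal-information" is not mistaken for "/portal".
  return SENSITIVE_PREFIXES.some((p) => path === p || path.startsWith(p + "/"));
}

function routePolicy(raw: string, consent: Consent) {
  const sensitive = isSensitive(raw);
  return {
    loadGa4: !sensitive && consent.analytics,
    loadMetaPixel: !sensitive && consent.marketing,
    cacheControl: sensitive ? "no-store" : null, // null: leave the default caching in place
  };
}
```

Lower-casing over-blocks on a case-sensitive router, which is the safe direction for a tracking exclusion.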
Sensphere now operates from a single platform that serves the practice digitally. Families arrive at a public site that communicates expertise, warmth, and clinical credibility in the right proportions. Referrals come through a validated contact flow. Intake documentation is collected through the portal with audit-logged acknowledgement.
Clinical staff manage documents, milestones, and communications from a dedicated interface. Invoices are sent and paid through Stripe without leaving the platform. Every action that touches personal data generates an audit event.
The practice no longer depends on email threads for document exchange, spreadsheets for case tracking, or separate tools for invoicing and booking. The administrative overhead that typically consumes clinical time now has a dedicated digital layer to absorb it.
The Sanity content architecture was introduced mid-build rather than specified upfront. It works well in the final state, but the integration required rework of page components that had already been built as static. Specifying the full content management scope in week one and building Sanity schemas before page components would have saved several days of rework and produced a cleaner separation between content and presentation from the start.
If your practice is managing client documentation through email, chasing referrals manually, or running on a website that does not reflect the quality of your clinical work, start with the 48-hour audit.