Describe a time you had to learn something entirely new under pressure.

HIPAA compliance with real patient data and real regulatory consequences.

When I started building Tiny Steps, I didn't know what a BAA was. I didn't know what PHI meant. I didn't know that a database hosting patient records needs a Business Associate Agreement with the hosting provider or you're in violation of federal law. I didn't know that social security numbers need AES-256-GCM encryption at rest. I didn't know that every clinical table needs row-level security policies for multi-tenant isolation.

And I was building software that would store names, dates of birth, ICD-10 diagnostic codes, insurance information, and clinical session records for children ages zero to three.

There was no option to learn slowly. Real agencies were waiting. Real therapists needed the system. Real children's data would be in the database. So I studied. I read HIPAA requirements. I talked to people who'd built compliant systems. I implemented RLS on every clinical table. I set up audit logging that captured 5,361 events. I encrypted SSNs at rest. I built a credential lockout system that blocks login when a therapist's critical credentials expire.

The pressure was real. This wasn't a school project where a bug means a lower grade. This was healthcare software where a security failure means someone's medical information is exposed. That pressure made me more careful, not less productive. When the stakes are real, the quality rises to meet them.