> ## Documentation Index
> Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Termination → COBRA Event Integration

> When an employee is terminated (HR-03 offboarding), the system creates a COBRA qualifying event and triggers notice and election workflows. This doc describes…

**Status:** Planned / In progress\
**Last Updated:** 2026-02-26

> Documents the handoff from HR-03 (offboarding/termination) to COBRA administration (HR-11 Phase 5): event flow, PHI/data handling, and controls.

***

## Overview

When an employee is terminated (HR-03 offboarding), the system creates a COBRA qualifying event and triggers notice and election workflows. This doc describes the integration contract, data flows, and security controls.

***

## Event Flow

* **Trigger:** HR-03 termination flow (employment\_status → 'terminated') or equivalent offboarding action.
* **Action:** Create or update `hr_cobra_events` with event type (e.g. termination), employee\_id, event\_date, election\_deadline; link to employee and organization.
* **Downstream:** COBRA notice generation (`CobraNoticeGenerator.tsx`), deadline reminders (edge function `cobra-deadline-reminders`), and elections (`hr_cobra_elections`).
* **Endpoints/Messages:** Internal only (no public API). Event creation is triggered from HR offboarding UI or backend; no direct external message bus required for Phase 5.

***

## PHI / Data Flows

* **Data in COBRA tables:** Employee identifier, contact info (for notices), election dates, coverage period. Treated as PHI; encryption at rest and in transit per platform standards.
* **Notice content:** Generated notices may contain employee name, address, plan info; stored or sent via secure channels only.
* **No PHI in logs:** Use IDs only in application and audit logs; no SSN or full name in log payloads.

***

## Authentication & Authorization

* Only authorized HR/benefits users (permission-gated) can create or view COBRA events and elections.
* RLS on `hr_cobra_events` and `hr_cobra_elections` enforces organization\_id; users see only their org's data.
* Termination → COBRA event creation runs in authenticated context (same user or service context as offboarding).

***

## Encryption, Retention, and Audit

* **Encryption:** Encryption at rest for contact/payment-related fields; TLS in transit. Align with platform and HR data classification.
* **Audit logging:** Audit log for PHI access and modifications (created\_by, updated\_by, timestamps); tie to PF-04 or HR audit pattern.
* **Retention:** ERISA record retention — 7-year minimum for plan documents and COBRA-related records; document retention policy and purge rules.
* **Data breach notification:** Follow organization incident response and breach notification procedures; COBRA data is sensitive (contact/eligibility).

***

## Organization-Scoped Access

* All queries and mutations filter by `organization_id`; no cross-tenant leakage. RLS policies and application checks enforce org scope.
* Verify: `tests/rls/hr-cobra.test.ts`, `tests/integration/hr/cobra-event-workflow.test.ts`.

***

## References

* [HR-11 COBRA Expansion](https://github.com/Encore-OS/encoreos/blob/development/specs/hr/specs/HR-11-COBRA-EXPANSION.md)
* [HR-11 Benefits Administration](https://github.com/Encore-OS/encoreos/blob/development/specs/hr/specs/HR-11-benefits-administration.md)
* DOL COBRA: [https://www.dol.gov/agencies/ebsa/laws-and-regulations/laws/cobra](https://www.dol.gov/agencies/ebsa/laws-and-regulations/laws/cobra)
