> ## Documentation Index > Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt > Use this file to discover all available pages before exploring further. # Compliance Automation & Regulatory Dashboard โ€” Integration > Feature ID: PF-91 Status: ๐Ÿ”จ In Progress (80%) Spec Reference: PF-91-compliance-automation-regulatory-dashboard.md Last Updated: 2026-03-24 **Feature ID:** PF-91\ **Status:** ๐Ÿ”จ In Progress (80%)\ **Spec Reference:** [PF-91-compliance-automation-regulatory-dashboard.md](../../../specs/pf/specs/PF-91-compliance-automation-regulatory-dashboard.md)\ **Last Updated:** 2026-03-24 *** ## Overview PF-91 adds tenant-scoped compliance monitoring (dashboard, PHI column classification, drift detection, evidence packages) and deepens 42 CFR Part 2 alignment with CL-11. Consumers integrate through **`@/platform/compliance`**, Edge Functions for scheduled checks and evidence generation, and existing PF-04 / PF-10 / PF-48 touchpoints. *** ## Integration Points (from Spec) | Dependency | Type | Purpose | | ---------- | ---------------- | ----------------------------------------------------------------------------- | | PF-01 | Data | `organization_id` tenancy for all compliance artifacts | | PF-04 | Data / Audit | Drift and evidence actions logged; audit health widgets | | PF-05 | Scan / Report | RLS coverage and policy inventory for dashboard | | PF-10 | Platform | Notifications for drift and compliance summaries | | PF-36 | UI | Optional health-dashboard widgets | | PF-48 | Event / Data | Security event correlation for compliance view | | PF-90 | Data | DR readiness metrics for dashboard and evidence | | CL-11 | Platform Layer | Consent status for Part 2 enforcement (`@/platform/clinical`) | | GR-03 | Event (optional) | Regulatory tracker alignment; avoid duplicating GR-owned governance artifacts | *** ## Platform Layer Contract (target) * **Module path:** `@/platform/compliance` (canonical). Subfolders allowed internally; export stable hooks/types from barrel `src/platform/compliance/index.ts`. * **Edge Functions (names for implementation โ€” adjust in migration if renamed):** * `compliance-run-checks` โ€” scheduled drift / RLS / audit health checks; inserts `pf_compliance_checks`; may emit **`pf_compliance_drift_detected`** * `compliance-phi-scan` โ€” column / `custom_fields` key classification; upserts `pf_phi_classifications` * `generate-compliance-evidence` โ€” async evidence ZIP job; updates `pf_compliance_evidence`; uploads to private bucket **`compliance-evidence`**; may emit **`pf_compliance_evidence_ready`** All org-scoped; use JWT or service role per job type; document `verify_jwt` in each function's config and README per FR-4.2. * **Hooks (indicative):** `useComplianceDashboard`, `usePhiClassifications`, `useComplianceEvidenceJobs`, `useDriftAlerts` โ€” finalize names in `src/platform/compliance/`; all queries include `organization_id` (defense in depth). *** ## API / Edge Contracts (stub) | Function / route | Auth | Request summary | Response summary | | ------------------------------ | ------------------------------------------------------------------------------------ | --------------------------------------------------------------------------- | ------------------------------------------------------------------------- | | `compliance-run-checks` | Service role / internal cron (`verify_jwt: false` if invoked only by cron; document) | Optional `organization_id`; omit for platform sweep if explicitly supported | Rows inserted into `pf_compliance_checks`; optional drift notifications | | `compliance-phi-scan` | Service role / internal cron | Optional `organization_id` | Updated `pf_phi_classifications`; respects per-org row soft limit (NFR-6) | | `generate-compliance-evidence` | User JWT + `pf.compliance.evidence.generate` | `organization_id`, framework, date range | Job id; artifact in Storage when `completed` | Expand with request/response JSON Schema before implementation (see [API\_CONTRACTS.md](./API_CONTRACTS.md) if exposed externally). ### Storage (evidence artifacts) * **Bucket:** `compliance-evidence` โ€” `public: false`, org-scoped object paths `{organization_id}/{evidence_id}/...` (same pattern as `reports-exports` in `20260315003328_04052513-0344-4182-9a43-503c6711e204.sql`). * **RLS:** Reuse `pf_user_can_access_storage_org` on first path segment; **service\_role** uploads from Edge (bypasses RLS); user download via **signed URL** only. * **`pf_compliance_evidence.storage_path`:** Store the object key relative to this bucket (document exact convention in migration comment). ### CL-11 / Part 2 (server) * **RPC:** `cl_check_sud_consent(p_chart_id, p_record_type, p_requesting_user)` โ€” source of truth for SUD-gated content; used by `@/platform/clinical` [`useConsentCheck`](../../../src/platform/clinical/consent/useConsentCheck.ts). * **PF-91 Wrapper:** `pf_check_sud_consent_for_export` โ€” SECURITY DEFINER; delegates to `cl_check_sud_consent`; fail-closed (FALSE on error/NULL); `REVOKE ALL FROM PUBLIC`. Per 42 CFR Part 2 ยง2.13/ยง2.31. * **Emergency Override:** `pf_log_emergency_override` โ€” SECURITY DEFINER; inserts audit row into `pf_audit_logs` (PF-04); requires 20+ char justification; `REVOKE ALL FROM PUBLIC`. * **PF-91 Phase 3:** Server paths returning SUD-classified data MUST invoke consent RPC per chart; multi-chart exports iterate and fail closed when consent is false or null. ### PF-10 (MVP notification behavior) * **In-app** notifications to `pf.compliance.drift.manage` for `pf_compliance_drift_detected`; optional in-app toast to requester for `pf_compliance_evidence_ready`. * **Copy:** Template-only titles/bodies; payload fields limited to UUIDs, severity, framework enum, opaque `storage_path`, and short operator-safe `summary` (no PHI/SUD, no clinical table/column names). * **Deep links:** `/settings/compliance` (drift); `/settings/compliance/evidence?evidenceId=` (evidence ready). *** ## Event Contracts (stub) | Event | Publisher | Subscribers | Payload (indicative) | | ------------------------------ | ------------------ | ---------------------- | --------------------------------------------------------------------------------------------------------------------- | | `pf_compliance_drift_detected` | PF-91 check worker | PF-10 | `organization_id`, `check_id`, `check_type`, `severity`, `dashboard_deep_link` โ€” **no** raw PHI or SUD fields in body | | `pf_compliance_evidence_ready` | Evidence generator | PF-10 (optional toast) | `organization_id`, `evidence_id`, `framework`, `storage_path` (opaque) | Register in [EVENT\_CONTRACTS.md](./EVENT_CONTRACTS.md) (stub added; finalize TypeScript payload interfaces before ship). *** ## Security and Tenant Isolation * All new tables: RLS + `pf_has_org_access` (or current SECURITY DEFINER helper) with `WITH CHECK` on UPDATE; no policy subqueries against RLS-protected tables without helpers (constitution ยง5.7). * Evidence ZIPs: signed URLs; no long-lived public URLs; checksum stored on `pf_compliance_evidence`. * Part 2 paths: no SUD-classified data in notification body without consent; align with CL-11 contracts. * Edge functions: `getCorsHeaders(req.headers.get('origin'))`, `createLogger` from `_shared/logger.ts`, structured logging without PHI content (see spec FR-4.2). Validate contracts with [CONTRACT\_VALIDATION\_CHECKLIST.md](./CONTRACT_VALIDATION_CHECKLIST.md) before release. *** ## Related Docs * [PF-91 Spec](../../../specs/pf/specs/PF-91-compliance-automation-regulatory-dashboard.md) * [PLATFORM\_INTEGRATION\_LAYERS.md](./PLATFORM_INTEGRATION_LAYERS.md) * [CROSS\_CORE\_INTEGRATIONS.md](./CROSS_CORE_INTEGRATIONS.md)