Status: ✅ Complete
Spec Reference: PF-70-medical-terminology-code-libraries.md
Last Updated: 2026-02-27
Last Verified: 2026-02-27
Overview
PF-70 provides a centralized code library (ICD-10-CM, CPT, HCPCS, modifiers) with type-ahead search, favorites/recently used, effective-date-aware validation, and optional payer-specific rules. CL and PM cores consume this via the platform layer (@/platform/codes) for diagnosis (problem list, progress notes, SDOH), procedure (charge capture, claims), and modifier validation.
Quick Reference
Integration Points (from Spec)
API / Data Contracts
Search API — useCodeSearch / searchCodes
Import: import { useCodeSearch } from '@/platform/codes';
Parameters:
Response: Array of
CodeSearchResult:
- Result limit: Cap at 25 results per request.
- Min query length: 2 characters. Returns empty array (not error) when
query.length < 2. - Debounce recommendation: Consuming UIs should debounce search input by 300 ms before calling the search API.
- Single code set per request in Phase 1. Multi-set search is deferred.
codeSet='LOINC', returns empty array with { loinc_unavailable: true } metadata until a future phase adds the LOINC table. Do not throw an error.
Validation API — validateCode
Import: import { validateCode } from '@/platform/codes';
Parameters:
Response:
{ valid: boolean; errors?: string[] } — errors are sanitized user-facing messages. Never exposes raw DB errors.
Validation error message examples:
Scope: Single-code validation in Phase 1. Batch validation (multiple lines in one request) is deferred.
Favorites / Recently Used
Import:import { useCodeFavorites, useCodeRecent } from '@/platform/codes';
Per user + org; stored in pf_code_favorites and pf_code_recent tables. API to get/add/remove per user.
useCodeFavorites(organizationId) returns:
favorites: CodeSearchResult[]— ordered by most recently addedaddFavorite(code, codeSet, description): Promise<void>removeFavorite(code, codeSet): Promise<void>isLoading: boolean
useCodeRecent(organizationId) returns:
recent: CodeSearchResult[]— ordered byused_at DESC, max 50 entriesrecordUsage(code, codeSet, description): Promise<void>— upserts on the unique key(user_id, organization_id, code_set, code), updatingused_at. Excess rows beyond 50 are cleaned up after upsert.isLoading: boolean
Consuming UI Guidance
PF-70 has no dedicated UI. Consuming features (CL/PM) own their code pickers (combobox, dialog, etc.). The following recommendations ensure consistent behavior across the product.Loading and Empty States
Layout
- Code picker list: Compact list — code (bold) + description (secondary) on one line. Use semantic tokens only.
- Effective date: Show in results only if the consuming feature needs it (admin/audit views). For typical clinician/billing type-ahead, code + description is sufficient.
Code Examples
RLS Architecture
SECURITY DEFINER helpers:
pf_can_read_code_set(p_code_set_id UUID)— returns TRUE if code_set is platform-managed (org NULL) OR user belongs to the code_set’s organization. UsesSET search_path = public.pf_can_manage_org_codes(p_organization_id UUID)— returns TRUE if user is admin for the given org. UsesSET search_path = public.
Escalation Notes
ESCALATION-1 (C-3): payer_id FK Boundary
pf_payer_code_rules.payer_id is a bare UUID — no FK to pm_payers to avoid PF→PM boundary violation. PM-layer code resolves the UUID to payer identity at call site. payer_id is nullable; NULL means “global rule applying to all payers.”
ESCALATION-2: LOINC Deferral — CL-08 Partial Block
CL-08 requires LOINC for lab monitoring CDS rules. PF-70 defers LOINC tables to a future phase. When CL-08 implementation begins, add a LOINC table to PF-70 (new task) before CL-08’s CDS rules feature can complete. The search API contract already reservescodeSet='LOINC' to avoid a breaking change.
ESCALATION-3: Code Set Data Load — Ownership Defined
Platform admin owns annual updates for platform-managed code sets. See Admin Guide for the update process, file format, and no-delete policy.Security and RLS
- Platform-managed code sets:
organization_idNULL; readable by all orgs via SECURITY DEFINER helpers. - Org-scoped:
pf_code_modifiers,pf_payer_code_rules; RLS enforcesorganization_id. - User-scoped:
pf_code_favorites,pf_code_recent; filtered byuser_id = auth.uid(). - Read-only for clinicians/billing; admin write for code set updates and modifier/payer rules. Permission keys:
pf.codes.read,pf.codes.admin.
Related Docs
- PF-70 Spec
- PF-70 Admin Guide
- Platform Integration Layers
- CL-08 Integration Doc (CL-08 is a confirmed PF-70 consumer)
- CL-PM-SPEC-REVIEW Finding 2.2 (Code Library / Terminology Spec)