> ## Documentation Index
> Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Psychotherapy Notes Protection — Integration

> CL-30 adds HIPAA-aligned protection for psychotherapy notes: separate storage, author-only access by default, explicit authorization for disclosure, and exclus…

**Feature ID:** CL-30\
**Status:** 📝 Planned\
**Spec Reference:** [CL-30-psychotherapy-notes-protection.md](https://github.com/Encore-OS/encoreos/blob/development/specs/cl/specs/CL-30-psychotherapy-notes-protection.md)\
**Last Updated:** 2026-02-24

***

## Overview

CL-30 adds HIPAA-aligned protection for psychotherapy notes: separate storage, author-only access by default, explicit authorization for disclosure, and exclusion from medical record and FHIR export unless authorized. Integrations are **within CL** (CL-04, CL-11, CL-20, CL-16) and PF (PF-01); no cross-core integration.

***

## Integration Points (from Spec)

| Dependency                    | Pattern  | Purpose                                                                                                       |
| ----------------------------- | -------- | ------------------------------------------------------------------------------------------------------------- |
| PF-01 (Organizations & Sites) | Direct   | Tenant context; RLS and audit                                                                                 |
| CL-04 (Progress notes)        | Internal | UX distinction: psychotherapy note vs standard progress note; link or separate list in chart                  |
| CL-11 (Consent/authorization) | Internal | Psychotherapy authorization is separate from general consent; document in CL-11 disclosure log when disclosed |
| CL-20 (Medical record export) | Internal | Exclude psychotherapy notes from export unless authorization present for that request                         |
| CL-16 (FHIR export)           | Internal | Exclude psychotherapy notes from FHIR export unless authorized                                                |

***

## API / Data Contracts

### Data (CL internal)

* **cl\_psychotherapy\_notes:** New table; author-only RLS; content encrypted at rest (NFR-1).
* **cl\_psychotherapy\_authorizations:** Patient authorizations for disclosure; linked to notes via **cl\_psychotherapy\_authorization\_notes**.
* **Export contract:** CL-20 and CL-16 export logic MUST exclude rows from `cl_psychotherapy_notes` unless a valid (non-revoked, non-expired) authorization exists for that export request and covers the note(s). Authorization scope may include date range or specific notes via `cl_psychotherapy_authorization_notes`.

### Placeholder: Event Contracts

* No domain events required for MVP. (Future: optional event when psychotherapy note disclosed for audit downstream.)

### Placeholder: API Contracts

* No new REST APIs. Access via existing CL chart/note hooks and export paths; authorization checked in application logic and RLS.

***

## Security and Tenant Isolation

* All tables include `organization_id`; RLS and app-layer filters enforce org isolation.
* Psychotherapy note content: encryption at rest; no PHI in logs; all access audited.
* RLS: SECURITY DEFINER helpers; UPDATE policies include WITH CHECK (§5.2.4); no direct query to RLS-protected tables in policies (§5.7).
* Export: CL-20/CL-16 MUST check `cl_psychotherapy_authorizations` (and junction) before including any psychotherapy note in export payload.

***

## Governance References

* **Cross-Core Matrix:** [CROSS\_CORE\_INTEGRATIONS.md](/architecture/integrations/CROSS_CORE_INTEGRATIONS) — CL-30 is CL-internal; no cross-core row required (all dependencies are PF or within CL).
* **Contract Validation:** [CONTRACT\_VALIDATION\_CHECKLIST.md](/architecture/integrations/CONTRACT_VALIDATION_CHECKLIST) — validate before implementation.
* **Data Dictionary:** [DATA\_DICTIONARY.md](/architecture/standards/DATA_DICTIONARY) — register `cl_psychotherapy_notes`, `cl_psychotherapy_authorizations`, `cl_psychotherapy_authorization_notes` after migration.
* **Encryption at Rest:** NFR-1 specifies encryption at rest for psychotherapy note content. Implementation: use Supabase Vault (`pgsodium`) or application-layer encryption with key management via platform vault. Document chosen approach in implementation log.

***

## Related Docs

* [CL-30 Spec](https://github.com/Encore-OS/encoreos/blob/development/specs/cl/specs/CL-30-psychotherapy-notes-protection.md)
* [CL-04 Progress Notes Integration](/architecture/integrations/progress-notes-session-documentation-integration)
* [CL-11 Consent Management](/architecture/integrations/consent-management-42cfr-part2-integration)
* [CL-20 Medical Record Export](/architecture/integrations/medical-record-export-document-generation-integration)
* [CL-16 FHIR Interoperability](/architecture/integrations/fhir-interoperability-data-exchange-integration)
