Module: CL (Clinical & EHR) — CL-11 EN-33 & EN-34Documentation Index
Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt
Use this file to discover all available pages before exploring further.
Audience: Organization Administrators, Compliance Officers
Last Updated: 2026-02-27
Overview
This guide covers two administrative features for consent management:- Consent Expiration Reminders (EN-33) — Configure automated notifications for expiring consents.
- Part 2 Compliance Dashboard (EN-34) — View aggregate compliance metrics for 42 CFR Part 2.
1. Consent Expiration Reminders
Configuration
The reminder window is configured via Clinical Settings (cl_module_settings).
- Setting:
consent_expiration_reminder_days - Default:
[30, 14, 7]— notifications are sent at 30, 14, and 7 days before expiration. - Format: Array of integers representing days before expiration.
How It Works
- A scheduled edge function (
consent-expiration-reminders) runs daily (configured via Supabase Dashboard cron). - For each organization, it reads the configured reminder windows.
- For each window, it queries consents expiring on that exact day.
- Notifications are sent to:
- The user who created the consent (
created_by) - All organization administrators
- The user who created the consent (
- No PHI is included in notification payloads — only counts (e.g., “3 consent(s) expiring in 7 days”).
Cron Setup (Required)
The edge function must be scheduled in the Supabase Dashboard:- Navigate to SQL Editor in your Supabase project.
- Enable
pg_cronandpg_netextensions if not already enabled. - Create a cron job to invoke the function daily (e.g., 06:00 UTC).
Troubleshooting
| Issue | Resolution |
|---|---|
| No notifications received | Verify cron job is active in Supabase Dashboard |
| Wrong reminder windows | Check consent_expiration_reminder_days in Clinical Settings |
| Duplicate notifications | The function uses createNotificationIfNew with 24-hour dedup |
2. Part 2 Compliance Dashboard
Access
- Route:
/cl/compliance-report - Permission required:
cl.compliance_report.view - By default, this permission is assigned to the
org_adminrole.
Metrics Displayed
| Metric | Description |
|---|---|
| SUD Charts | Total patient charts with SUD indicators |
| Active Consents | Number of active Part 2 consents |
| Consent Coverage | Percentage of SUD charts with active consent |
| Disclosures | Total entries in the disclosure log |
| Redisclosures | Count of disclosures marked as redisclosure |
Security
- All metrics are aggregate counts only — no patient identifiers are displayed or transmitted.
- Dashboard access is logged for audit purposes (user ID, timestamp, action only).
- The underlying
cl_part2_compliance_statsfunction isSECURITY DEFINERwith permission verification.
Granting Access
To grant compliance dashboard access to additional users:- Navigate to Admin > Permissions.
- Assign
cl.compliance_report.viewto the desired role or user.
Related Documentation
- Patient Portal Consent Guide — EN-35 patient-facing guide
- CL-11 Spec — Base consent management specification
- CL-11 Enhancements Catalog — All enhancement specifications