Skip to main content

Overview

This guide covers two administrative features for consent management:
  1. Consent Expiration Reminders (EN-33) — Configure automated notifications for expiring consents.
  2. Part 2 Compliance Dashboard (EN-34) — View aggregate compliance metrics for 42 CFR Part 2.

Configuration

The reminder window is configured via Clinical Settings (cl_module_settings).
  • Setting: consent_expiration_reminder_days
  • Default: [30, 14, 7] — notifications are sent at 30, 14, and 7 days before expiration.
  • Format: Array of integers representing days before expiration.

How It Works

  1. A scheduled edge function (consent-expiration-reminders) runs daily (configured via Supabase Dashboard cron).
  2. For each organization, it reads the configured reminder windows.
  3. For each window, it queries consents expiring on that exact day.
  4. Notifications are sent to:
    • The user who created the consent (created_by)
    • All organization administrators
  5. No PHI is included in notification payloads — only counts (e.g., “3 consent(s) expiring in 7 days”).

Cron Setup (Required)

The edge function must be scheduled in the Supabase Dashboard:
  1. Navigate to SQL Editor in your Supabase project.
  2. Enable pg_cron and pg_net extensions if not already enabled.
  3. Create a cron job to invoke the function daily (e.g., 06:00 UTC).

Troubleshooting


2. Part 2 Compliance Dashboard

Access

  • Route: /cl/compliance-report
  • Permission required: cl.compliance_report.view
  • By default, this permission is assigned to the org_admin role.

Metrics Displayed

Security

  • All metrics are aggregate counts only — no patient identifiers are displayed or transmitted.
  • Dashboard access is logged for audit purposes (user ID, timestamp, action only).
  • The underlying cl_part2_compliance_stats function is SECURITY DEFINER with permission verification.

Granting Access

To grant compliance dashboard access to additional users:
  1. Navigate to Admin > Permissions.
  2. Assign cl.compliance_report.view to the desired role or user.