Spec: CE-28 — Intake Screening & Triage WorkflowDocumentation Index
Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt
Use this file to discover all available pages before exploring further.
Date: 2026-03-28
Reviewer: AI Agent (post-implementation review)
1. PHI Handling
| Control | Implementation | Evidence |
|---|---|---|
| PHI at rest | Supabase encryption; screening data in ce_screening_attempts and ce_screening_results | Tables created via migration with RLS |
| PHI in events | Event payloads contain only IDs and flags; no free-text clinical data | useCreateScreening.ts — payload construction excludes chief_complaint, notes |
| PHI in logs | No PHI logged; synthetic data in tests | Test files use Test-CE-28-* naming |
| PHI in errors | sanitizeErrorMessage() used in all user-facing error handlers | Component files use sanitized errors |
2. 42 CFR Part 2 Consent Gating
| Control | Implementation | Evidence |
|---|---|---|
| Consent capture | consent_obtained, consent_method, consent_recorded_at columns on ce_screening_attempts | Migration file |
| Consent gating on events | ce_screening_completed only published when consent_obtained === true | useCreateScreening.ts — conditional publish |
| Consent metadata in events | consent_recorded_at included in event metadata | Event payload construction |
| Consent UI | Form requires consent checkbox before submission | ScreeningForm.tsx — consent fields |
3. Tenant Isolation
| Control | Implementation | Evidence |
|---|---|---|
| RLS on all tables | ce_screening_attempts, ce_screening_results, ce_screening_questionnaires, ce_screening_sla_config | Migration with ENABLE ROW LEVEL SECURITY + FORCE ROW LEVEL SECURITY |
| SECURITY DEFINER helpers | ce_can_view_screening() with REVOKE/GRANT pattern | Migration file |
| org_id on mutations | All hooks use .eq('organization_id', orgId) | Hook files |
| RLS tests | 4 test files covering all tables | tests/rls/ce-screening-*.rls.test.ts |
4. Access Control
| Control | Implementation | Evidence |
|---|---|---|
| Permission gating | ce.screening.view, ce.screening.create, ce.screening.manage | Permission constants + seed migration |
| Route-level guards | <PermissionGate> on screening route | Route configuration |
| No hardcoded roles | Permission hooks used throughout | Component files |
Summary
CE-28 meets HIPAA Privacy Rule and 42 CFR Part 2 requirements for:- PHI protection (encryption at rest, no PHI in events/logs)
- SUD consent gating (3-field consent capture, event-level enforcement)
- Tenant isolation (RLS + application-level org_id filtering)
- Access control (permission-based, not role-based)