Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt

Use this file to discover all available pages before exploring further.

Last Updated: 2026-04-12 Central entry point for all governance documentation in Encore Health OS. This file links to the authoritative sources for each governance domain — it does not duplicate their content.

Document Hierarchy

constitution.md (guardrails — wins on conflict)
  └── AI_GUIDE.md (AI contribution process)
      └── AGENTS.md (quick reference, patterns, decision trees)
          └── .cursor/rules/ (detailed pattern files with code examples)
              └── Core-specific src/*/AGENTS.md files
When documents conflict, constitution.md wins.

Platform Governance

DocumentPurpose
constitution.mdNon-negotiable engineering guardrails (architecture, security, database, PWA, testing, documentation, automation, definition of done)
AGENTS.mdAI agent quick reference: patterns, checklists, regulatory decision tree, what AI must never do
AI_GUIDE.mdAI contribution workflow: spec process, implementation log protocol, decision framework
docs/DOCUMENTATION_STANDARDS.mdDocumentation hierarchy, naming, versioning, ownership, maintenance
docs/VERSIONS.mdSingle source of truth for all documentation versions

Architecture Governance

DocumentPurpose
docs/architecture/decisions/Architecture Decision Records (ADR-001 through ADR-013) — why the platform is built the way it is
docs/architecture/integrations/CROSS_CORE_INTEGRATIONS.mdCross-core integration patterns, encounter lifecycle, event contracts
docs/architecture/integrations/PLATFORM_INTEGRATION_LAYERS.mdPlatform Integration Layer (PIL) design

Regulatory Compliance

DocumentPurpose
docs/compliance/REGULATORY_COMPLIANCE_TRACKER.mdMaster compliance status: CL/PM regulations (42 CFR Part 2, HIPAA, AHCCCS, ONC, etc.)
docs/compliance/HR_WORKFORCE_COMPLIANCE_TRACKING.mdHR compliance: FLSA, FMLA, ERISA, ACA, I-9, OSHA, EEOC, credentialing
docs/compliance/FA_FINANCIAL_COMPLIANCE_TRACKING.mdFA compliance: IRS, FASB ASC 958, OMB 2 CFR 200
docs/compliance/RH_RECOVERY_HOUSING_COMPLIANCE_TRACKING.mdRH compliance: AZ DHS, NARR, Fair Housing, fire safety
docs/compliance/GR_GOVERNANCE_COMPLIANCE_TRACKING.mdGR compliance: CARF, Joint Commission, HEDIS, NOMs, incident reporting
docs/compliance/IT_SECURITY_COMPLIANCE_TRACKING.mdIT security: HIPAA Security Rule, HITECH, NIST CSF, CIS Controls
docs/compliance/CE_COMMUNICATIONS_COMPLIANCE_TRACKING.mdCE communications: CAN-SPAM, TCPA, call recording
docs/compliance/FCRA_TCPA_COMPLIANCE_TRACKING.mdFCRA/TCPA: background checks, SMS consent
docs/compliance/ONC_CERTIFICATION_ROADMAP.mdONC certification roadmap (CL-16, PM-01)
docs/compliance/PHI_CLASSIFICATION.mdPHI classification table (which columns/tables contain PHI)
docs/compliance/evidence/index.mdCompliance evidence packages (per-feature regulatory proof)
Multi-state compliance: See PF-96 jurisdiction profiles and AGENTS.md §Architecture Rules.

AI & Automation Governance

DocumentPurpose
.cursor/README.mdCursor IDE governance: agent catalog, command inventory, rules, MCP
.cursor/BUGBOT.mdAutomated PR review rules (database, security, TODO/FIXME)
.cursor/hooks.jsonIDE hooks: PHI scanner, sensitive file guard, risky command guard, post-edit check
.cursor/rules/RULES_GOVERNANCE.mdCursor rule authoring standards and review cadence
.claude/README.mdClaude Code governance: agents, skills, hooks, conflict resolution
docs/development/AI_PLATFORM_PARITY.mdCapability matrix across Cursor, Claude Code, and GitHub Copilot

AI Configuration Governance Cadence

Monthly (see AGENTS.md for full checklist):
  • Reconcile inventory counts for .cursor/commands, .cursor/agents, .cursor/skills, .cursor/rules
  • Validate links in AI-facing docs and remove stale references
  • Review MCP server list; confirm secrets are environment-driven
  • Prune duplicate/overlapping rules; update skill/subagent taxonomy
On PRs changing AI config (.cursor/**, AGENTS.md, AI_GUIDE.md, docs/development/*CURSOR*):
  • Update inventory/documentation references
  • Confirm no committed plaintext secrets
  • Confirm hook and command paths exist
  • Include verification evidence

CI Governance Gates

GateScriptBlocking?
Governance validationnpm run validate:governance✅ Yes
Version sync checknpm run validate-version-sync✅ Yes
Architecture boundary checknpm run check-architecture✅ Yes
RLS coveragescripts/check-rls-coverage.ts --min-coverage 100✅ Yes
AI slop detectionnpm run check:slop:ci⚠️ Warning only
Dead code detectionnpm run check:dead-code:ci⚠️ Warning only
Dependency auditnpm run check:deps⚠️ Warning only
Compliance evidence auditnpx tsx scripts/audit/audit-compliance-evidence.tsManual
Governance reportnpm run governance:report (when created)Manual/weekly CI
Tighten non-blocking gates: See docs/development/CI_PIPELINE.md for the plan to convert warning-only gates to blocking gates as baselines are established.

Spec Governance

DocumentPurpose
docs/development/SPEC_WORKFLOW.mdCanonical spec workflow (create → clarify → validate → review → tasks → implement → verify → complete)
specs/README.mdSpec directory overview and discovery
specs/_templates/TEMPLATE_INDEX.mdTemplate decision tree and all template descriptions
specs/IMPLEMENTATION_LOG.mdPlatform-wide implementation log
specs/DEFERRED_DASHBOARD.mdDeferred phase dashboard

Governance Health Scripts

# Version sync check (CI)
npx tsx scripts/audit/validate-version-sync.ts

# Compliance evidence coverage
npx tsx scripts/audit/audit-compliance-evidence.ts

# Governance validation suite
npm run validate:governance

# Architecture boundary check
npm run check-architecture

# AI slop audit
npm run check:slop

# Dead code audit
npm run check:dead-code

# Governance report (all gates)
npm run governance:report
The GR (Governance & Risk) core handles product-level governance workflows (policy management, audit management, risk assessments, accreditation tracking, incident reporting, AI compliance advisor). This file covers engineering and documentation governance.