> ## Documentation Index
> Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Regulation mapping

> Map regulation citations to compliance requirements and accreditation bodies so submitted regulatory reports auto-file as evidence.

Regulation mapping controls where Encore files evidence when an incident's regulatory report is submitted. Two settings pages — **Regulation → Requirement Map** and **Regulation → Accreditation Map** — tell the auto-evidence consumers which compliance requirement and which accreditation bodies a citation belongs to.

## Overview

When a regulatory report is submitted, Encore publishes a `regulatory_report_submitted` event. Two consumers act on it:

* **Compliance evidence** — looks up the citation in the regulation-to-requirement map and creates one `gr_compliance_evidence` row against the matched requirement.
* **Accreditation evidence** — looks up the citation in the regulation-to-accreditation map and creates one `gr_accreditation_evidence` row per active survey for every mapped body.

Both rows are stamped with the originating event id and carry the **Auto** badge in their respective evidence lists, which links back to the regulatory report at `/gr/regulatory-reports/:reportId`. Re-delivery of the same event never creates a duplicate.

The maps live at:

* `/gr/settings/regulation-requirement-map` — citation → compliance requirement
* `/gr/settings/regulation-accreditation-map` — citation → accreditation body

Platform defaults (seeded by Encore) are listed read-only with a **Platform default** badge. Your organization's rows are scoped to your tenant and take precedence over the platform defaults during lookup.

## Who it's for

Requires permission to read or manage the maps:

* `gr.regulation_requirement_map.read` / `.write`
* `gr.regulation_accreditation_map.read` / `.write`

`org_admin` is granted all four by default.

## Before you start

* **Auto evidence consumers** must be enabled in [Governance Settings](/gr/governance-settings) (`enable_auto_evidence_consumers`). When disabled, both consumers short-circuit and no evidence is auto-created.
* Compliance requirements and accreditations (with active surveys) must exist for the citations you plan to map.
* A regulation-to-requirement match is required for compliance evidence; with no match, the consumer logs a `no_requirement_mapping` warning and skips the row.

## Resolution order

The compliance consumer resolves the requirement in this order. The first match wins:

1. Your organization's row in **Regulation → Requirement Map** for the citation.
2. The platform-default row for the citation.
3. **Default evidence requirement** in Governance Settings (`default_evidence_requirement_id`).

If none of the three match, the consumer skips with `no_requirement_mapping` and no evidence row is created.

The accreditation consumer fans out across **every** mapped body — one evidence row per active survey per body — so a citation mapped to both CARF and Joint Commission produces survey-prep evidence under both.

## Add or edit a mapping

<Steps>
  <Step title="Open the map">
    Go to **Governance & Compliance → Settings → Regulation → Requirement Map** or **Regulation → Accreditation Map**.
  </Step>

  <Step title="Add a mapping">
    Select **Add mapping**. Enter the regulation citation exactly as it appears on the report (for example, `42 CFR 483.12`) and pick the target requirement or accreditation body.
  </Step>

  <Step title="Edit or delete">
    Use the row actions menu to edit or delete an organization row. Rows badged **Platform default** cannot be edited or removed; add an organization row with the same citation to override the default for your tenant.
  </Step>

  <Step title="Verify the wiring">
    Submit a test regulatory report on an incident. The matching compliance evidence row appears in the requirement's evidence list with the **Auto** badge, and survey-prep evidence appears under each mapped active survey.
  </Step>
</Steps>

## Key concepts

| Concept             | Description                                                                                                                                          |
| ------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
| Regulation citation | The free-text identifier on a `gr_incident_regulatory_reports` row (for example, `42 CFR 483.12`). The consumers match on this exact value.          |
| Platform default    | A row seeded by Encore with `organization_id` null. Read-only; visible to every tenant.                                                              |
| Organization row    | A tenant-scoped row that overrides the platform default for the same citation.                                                                       |
| Source event        | The `fw_domain_events.id` for the `regulatory_report_submitted` event. Stamped on auto-created evidence and powers the **Auto** badge click-through. |
| Idempotency         | The consumers refuse to create a second evidence row for the same `(organization, source_event_id)`. Re-delivery is safe.                            |

## Related

<Columns cols={2}>
  <Card title="Governance Settings" icon="shield-halved" href="/gr/governance-settings">
    Toggle auto evidence consumers and set the fallback requirement.
  </Card>

  <Card title="Evidence" icon="file-shield" href="/gr/evidence">
    Browse accreditation evidence, including auto-generated rows.
  </Card>

  <Card title="Incidents" icon="shield-halved" href="/gr/incidents">
    Submit regulatory reports from the incident detail page.
  </Card>

  <Card title="Audit findings" icon="clipboard-check" href="/gr/audit-findings">
    Critical and high findings open CAPs automatically.
  </Card>
</Columns>

<Note>
  This page documents shipped product behavior. It is not medical, legal, or
  billing advice. Verify against your organization's policies and applicable
  regulations before using it for clinical, compliance, or billing decisions.
  Protected health information (PHI) shown in the product is governed by your
  tenant's access controls and is never exposed in this documentation.
</Note>
