The Report a Concern page is a public, unauthenticated intake form for submitting confidential reports about potential misconduct, fraud, safety concerns, or policy violations. It is located at routeDocumentation Index
Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt
Use this file to discover all available pages before exploring further.
/gr/whistleblower-report and is served from the public routes (no authentication required).
Overview
This page requires no authentication and is registered in the public routes (src/routes/public.tsx). It renders WhistleblowerIntakePage, which submits to the gr-whistleblower-submit Supabase edge function with the organization ID supplied via the ?org= URL query parameter. On successful submission, a follow-up token is displayed — the submitter should save this token to check report status later.
The form accepts:
- Category: one of
financial_fraud,discrimination,safety,policy_violation, orother - Description: 10–10,000 characters
- Submit Anonymously: toggle (default: on)
Who it’s for
No authentication required. This page is intended for anyone — staff, patients, or third parties — with access to the organization’s public URL containing the?org= parameter.
Before you start
- The URL must include a valid
?org=<organization_id>query parameter. Without it, submission will fail. - The submitter should save their follow-up token after submission — it is shown only once.
Steps
- Open the Report a Concern URL provided by your organization (includes
?org=parameter). - Select a Category from the dropdown.
- Enter a detailed Description (minimum 10 characters, maximum 10,000).
- Review the Submit Anonymously toggle — enabled by default.
- Select Submit Report.
- On success, copy and save your Follow-Up Token before closing the page.
Key concepts
| Concept | Description |
|---|---|
?org= param | Organization identifier required in the URL; links this submission to the correct tenant |
| Follow-up token | A unique token returned on submission; used to check report status later |
| Anonymous submission | When toggled on, identity is not recorded with the report |
| Edge function | Submission goes to gr-whistleblower-submit — not directly to the database |
Related
Governance & Compliance
Governance & Compliance core overview.
Governance & parity
This page documents shipped product behavior. It is not medical, legal, or
billing advice. Verify against your organization’s policies and applicable
regulations before using it for clinical, compliance, or billing decisions.
Protected health information (PHI) shown in the product is governed by your
tenant’s access controls and is never exposed in this documentation.
Documentation sources
Documentation sources
- src/routes/public.tsx
- src/routes/gr.tsx
- src/cores/gr/pages/WhistleblowerIntakePage.tsx
- src/integrations/supabase/client.ts