Cross-Cutting Concerns

This directory contains system-wide documentation that spans multiple features.

Security & Compliance

rbac-permissions.md

Role-Based Access Control - Permission matrix, role definitions, enforcement strategy

  • Who can access what
  • Role hierarchy (superadmin → admin → specialist → customer_support → patient)
  • Field-level filtering rules
  • API endpoint permissions

gdpr-compliance.md

GDPR Compliance - Data protection, privacy, user rights

  • Consent model (user_consents table)
  • Right to access (export endpoint)
  • Right to erasure (anonymization + deletion)
  • Breach notification (72-hour procedure)
  • Data retention policies

encryption.md

Data Encryption - Infrastructure and application-level encryption

  • Infrastructure: AWS RDS encryption, S3 encryption, TLS
  • Application-level: AES-256-GCM for PHI fields (phone, API keys)
  • Encryption key management
  • What's encrypted vs plaintext (and why)

telemetry.md

Platform Telemetry - How telemetry flows through the system

  • What gets tracked (audit, security, privacy, video, analytics, pose, errors, API metrics)
  • How features integrate with the telemetry layer
  • Consent model and data flow
  • Feature integration checklist

Database & API

rls-policies.md

Row-Level Security - Consolidated RLS reference across all tables

  • RLS strategy: organization_id = current_app_org_id()
  • Session variable setup (app.current_user_id, app.current_org_id, app.current_role)
  • Policy patterns by role
  • Performance considerations

database-overview.md

Database Schema Overview - Index of all tables with links to feature docs

  • All tables alphabetically
  • Foreign key relationships
  • Link to feature-specific schema docs
  • ER diagram (future)

api-overview.md

API Endpoint Overview - Index of all endpoints with links to feature docs

  • All endpoints alphabetically
  • Grouped by resource
  • Link to feature-specific API docs
  • Authentication requirements

Infrastructure & Operations

scaling-architecture.md

Scaling Strategy - Infrastructure evolution from Phase 1 to Phase 4

  • Phase 1: Single instance (1-10 orgs, AWS App Runner)
  • Phase 2: Read replicas (10-50 orgs, AWS RDS)
  • Phase 3: Hybrid model (50-100 orgs, shared + enterprise)
  • Phase 4: Multi-shard (100-1000+ orgs, regional distribution)
  • Cost projections, timeline, migration triggers

monitoring.md

Observability & Monitoring - Metrics, dashboards, alerts

  • Critical metrics (connection pool, query latency, error rates)
  • Datadog/CloudWatch dashboards
  • Alert thresholds
  • SLOs by feature

immediate-actions.md

Production Readiness - Pre-launch checklist, critical configurations

  • Connection pool monitoring (CRITICAL)
  • Query timeout middleware (CRITICAL)
  • Health checks with pool metrics
  • Security hardening
  • BAA signing (Clerk, Daily.co, AWS)

key-rotation.md

Encryption Key Rotation - Quarterly key rotation procedure

  • Rotation procedure (manual + automation)
  • Backup and rollback
  • Testing and validation
  • Incident response

backup-disaster-recovery.md

Backup & Disaster Recovery - Multi-layer backup strategy for state-funded insurance compliance

  • 3-2-1-1 backup architecture (RDS + S3 + cross-region + offline)
  • 7-year retention for audit compliance
  • Fraud prevention evidence requirements
  • Disaster recovery scenarios and runbooks
  • Monthly restore testing procedures
  • State audit preparation

external-providers.md

External Service Providers - Complete inventory of all third-party services

  • 13 active services (auth, video, storage, databases, geo, monitoring)
  • 3 planned services (payment, email, SMS)
  • Criticality levels and failure impact analysis
  • BAA/compliance requirements per provider
  • Complete environment variable reference

System Patterns

Common Patterns Across Features

Multi-tenancy:

  • Every table has organization_id (except users)
  • RLS enforces tenant isolation
  • No sub-query RLS (except users via user_organizations)
  • Organization context set per request

Timestamps:

  • created_at and updated_at on every table
  • Auto-update trigger: trigger_set_updated_at()

Foreign Keys:

  • All relationships have explicit FK constraints
  • ON DELETE behavior defined (CASCADE, SET NULL, RESTRICT)

Encryption:

  • Infrastructure: Everything (AWS RDS encryption)
  • Application-level: Targeted PHI fields only (phone, API keys → BYTEA)
  • Form values: Plaintext JSONB (queryable for segments)

Audit:

  • Every mutation logged to audit_log (local, synchronous)
  • Forwarded to Telemetry service (async) for enrichment

UUIDs:

  • Internal IDs: bigserial (fast, indexed)
  • External-facing IDs: uid (UUID) for security

I need to...

Feature-specific docs: