Security & Audit Enclave
The Security Enclave is the ecosystem's impenetrable shield. It ensures data sovereignty through field-level encryption and full audit transparency.

The Enclave Vault
Institutional Data Sovereignty
Defense Lifecycle
Maintaining absolute institutional safety through multi-layered identity and encryption protocols.
Identity Vault
Multi-factor institutional professional authentication.
RBAC Enclave
Granular Role-Based Access Control enforcement.
Field Encryption
AES-256 protection of PII and clinical blobs.
Audit Ledger
Immutable recording of every system mutation and read.
Security Architecture
HMIS Pro implements a strictly enforced RBAC (Role-Based Access Control) grid. Sensitive clinical data never leaves the server-layer unencrypted for unauthorized nodes.
Technical Architecture
| Field | Type | Institutional Role |
|---|---|---|
| mutation_key | UUID | Unique audit trail identifier. |
| initiating_id | UUID | Professional ID of the data consumer. |
| event_scope | Enum | Read, Update, Delete, Export, Login. |
| timestamp_hash | Varchar | Cryptographic hash of the event time. |
Note: Data is subject to Enclave AES-256 field-level encryption where applicable.
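
The page does not say how the Audit Ledger's immutability is enforced; one common way to make records with the fields above tamper-evident is a hash chain, shown here as an added example that is not HMIS Pro code. The `prev_hash` and `record_hash` fields, the genesis value, and the sample IDs are assumptions; the other four fields follow the table.

```python
import hashlib
import json
import uuid
from datetime import datetime, timezone

EVENT_SCOPES = {"Read", "Update", "Delete", "Export", "Login"}  # from the table
GENESIS = "0" * 64  # assumed anchor value for the first record

def _digest(record: dict) -> str:
    """SHA-256 over a canonical JSON form of the record (record_hash excluded)."""
    body = {k: v for k, v in record.items() if k != "record_hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def append_event(ledger: list, initiating_id: str, event_scope: str, when: datetime) -> dict:
    """Append one audit record; reject scopes the schema does not define."""
    if event_scope not in EVENT_SCOPES:
        raise ValueError(f"unknown event_scope: {event_scope!r}")
    record = {
        "mutation_key": str(uuid.uuid4()),
        "initiating_id": initiating_id,
        "event_scope": event_scope,
        "timestamp_hash": hashlib.sha256(when.isoformat().encode()).hexdigest(),
        # Assumed field: links each record to its predecessor.
        "prev_hash": ledger[-1]["record_hash"] if ledger else GENESIS,
    }
    record["record_hash"] = _digest(record)  # assumed field
    ledger.append(record)
    return record

def verify(ledger: list) -> int:
    """Return -1 if the chain is intact, else the index of the first bad record."""
    prev = GENESIS
    for i, record in enumerate(ledger):
        if record["prev_hash"] != prev or record["record_hash"] != _digest(record):
            return i
        prev = record["record_hash"]
    return -1

def demo() -> tuple:
    """Constructed sample: three events, then an in-place edit of the second."""
    ledger = []
    user = "3f2b6c1e-0000-4000-8000-000000000001"  # constructed professional ID
    t0 = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)
    for scope in ("Login", "Read", "Export"):
        append_event(ledger, user, scope, t0)
    intact = verify(ledger)
    ledger[1]["event_scope"] = "Login"  # simulate tampering with a stored row
    return intact, verify(ledger)
```

A chain like this only detects edits if the latest `record_hash` is also stored somewhere the ledger's writer cannot change; otherwise the whole chain can be recomputed or its tail truncated without `verify` noticing.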
Governance & Power
security:audit, pii:decrypt, auth:manage
Institutional Logic
Field-Level Encryption
PII fields like phone numbers and patient names are encrypted at the application layer. Decryption only occurs when rendered in an authorized UI session.
Zero-Trust Mesh
Every internal API call requires a short-lived institutional token, ensuring that even internal service-to-service communication is verified.
Audit Transparency
Executive governors can view a real-time 'heat-map' of data access within the institution, identifying potential internal security anomalies.
Institutional Security: 100% data access is logged and immutable.