Govern
Governance
Roles, policies, consent, classification, retention, MDM rules and approval workflows.
Roles
RBAC, scope, members
Access policies
ABAC + RBAC rules
Consent rules
Treatment, research, marketing
Classification
PHI, PII, Confidential
Retention
Retention & legal holds
Approval workflows
Multi-step approvals
Access policies
Active RBAC + ABAC policies and coverage across data domains.
| Policy | Category | Coverage | Status |
|---|---|---|---|
| HIPAA Minimum Necessary | Privacy | 100% | Active |
| Zero Trust Network Access | Security | 98% | Active |
| PHI in Email — Block & Quarantine | DLP | 100% | Active |
| Research Consent Required | Consent | 92% | Active |
| Retention 7y — Encounters | Retention | 100% | Active |
| MDM Match Threshold ≥ 0.92 | MDM | 100% | Active |