docs: HEALTHCARE-TRANSCODING — OGAR for HIPAA/healthcare (FHIR-grounded, label-free)#28
Conversation
…ed, label-free) Completes 'AST/OGAR for both' — the healthcare-domain Class/ActionDef mapping, pairing with ODOO-TRANSCODING (ERP). Grounded in the PUBLIC FHIR R4 / HL7 standard + HIPAA regs, NEVER a private deployment — leak- safe by construction. Label-free on purpose: maps healthcare SHAPES (a PHI date field exists with these access controls), never LABELS (the caption — FHIR or a deployment's localized PII caption). Demonstrates the property: the entire healthcare domain maps to OGAR without naming one PHI value or caption. §3: the Security Mesh = HIPAA's two requirements on the firewall's two sides — minimum-necessary access (inner palette256 bit-op, no serialization) + immutable audit (outer signed Lance-version append). §4: the label-free contract IS the PII guarantee (captions can't leak through OGAR because OGAR never holds them — GDPR/HIPAA grade). Pre-push leak scan clean (no project names, no German PII tokens). https://claude.ai/code/session_01PBTGaPCSnnt6u3pjXpbLwY
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 7809c512f0
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| - `docs/DOMAIN-INSTANCES.md` — the domain catalogue; §2.5 (healthcare), §0 (the label-free / inherit-schema-via-contract property). | ||
| - `docs/THE-FIREWALL.md` §7.2 — healthcare as the canonical firewall demonstration (inner palette256 auth + outer signed audit). |
There was a problem hiding this comment.
Point cross-references at existing documents
These two cross-references introduce dead local documentation links: I searched the repository with find /workspace/OGAR -name 'DOMAIN-INSTANCES.md' -o -name 'THE-FIREWALL.md' and neither file exists, so readers following the healthcare mapping cannot verify the cited catalogue/firewall sections. Please either add those docs in the same change or update these references to the existing files/sections that contain this material.
Useful? React with 👍 / 👎.
HEALTHCARE-TRANSCODING.md— OGAR for HIPAA/healthcare (the other half of "AST/OGAR for both")Completes the pair with
ODOO-TRANSCODING.md(ERP). The healthcare-domainClass/ActionDef/Identitymapping.Grounding — leak-safe by construction
Grounded in the PUBLIC FHIR R4 / HL7 standard + HIPAA regulations — never a private deployment. That's deliberate: the healthcare production instance is PII-laden, so the spec is written against the public standard. Pre-push leak scan confirms zero project names + zero German PII tokens.
Label-free, on purpose (demonstrates the §4 property)
The doc maps healthcare shapes (a date-typed PHI field exists, with these access controls), never labels (what it's called — FHIR
birthDate, or a deployment's localized caption). It proves the property by example: the entire healthcare domain maps to OGAR without naming a single PHI value or caption. PerDOMAIN-INSTANCES.md §0— the contract holds shape; the consumer binds labels via theAdapter.What's in it
Class(Patient/Encounter/Observation/Condition/MedicationRequest/Consent → Class; AuditEvent → the Lance version log, not a Class). Shape +Marking: PHI, never captions.ActionDef(admit/order/result/amend/discharge/break-glass); Encounter.status domain workflow vs ActionState lifecycle (ADR-001 two-level).Pairs with
ODOO-TRANSCODING.md(Woa-rs stays Odoo, retrofit later — no change here).DOMAIN-INSTANCES.md §2.5(docs: DOMAIN-INSTANCES — OGAR domain catalogue (Woa-rs/Odoo + MedCare-rs/HIPAA + calibration set) #27).THE-FIREWALL.md §7.2(docs: THE-FIREWALL — absolute inner/outer boundary, no serialization in hot path (ADR-022) #26).Pure docs; public-standard grounding only.
https://claude.ai/code/session_01PBTGaPCSnnt6u3pjXpbLwY