Tenants (dev)
3
Provider Group Demo + 2 sandboxes
Governance posture
Tenant overview, role topology, ledger separation, audit feed — all dev environment, production closed.
Tenants (dev)
3
Provider Group Demo + 2 sandboxes
Active roles
6
in dev surface
PromptOps gates (lane)
31
+8 since v3
Audit events (24h)
112
across 4 ledgers
Active deployments
1
Cloudflare Pages dev preview
Production posture
Closed
no live PHI · no autonomous decisioning
3 active tenants (dev)
| Tenant | Type | Roles | Patients | CHWs | State |
|---|---|---|---|---|---|
| Provider Group Demo | Provider group | provider · CHW · biller · super_dev_admin | 130 | 7 | Active (dev) |
| Sandbox A | Sandbox | provider · CHW | 0 | 0 | Idle |
| Sandbox B | Sandbox | provider · CHW · biller | 0 | 0 | Idle |
Default-deny · assignment-aware · audit-emitting
| Role | Scope | Surface | Audit | Production-allowed? |
|---|---|---|---|---|
| super_dev_admin | Dev tenant only | This console + audited impersonation | Always | No |
| super_admin | Tenant-scoped admin (future) | Admin portal (future gate) | Always | Future-gated |
| provider_user | Provider Group Demo | Provider command center | Always | Future-gated |
| chw_user | Assigned panel + visits | CHW workspace | Always | Future-gated |
| biller_user | Commercial ledger only | Biller workspace | Always | Future-gated |
| beta_applicant | Read-only · pending approval | Registration sandbox | Limited | No |
Four-ledger separation
Default-deny across ledgers · cross-ledger references shown as controlled IDs only.
Care documentation · review state · provider review.
68 entries · 24h
All human-reviewed
Commercial revenue scope · provider invoice surface · not clinical billing.
14 entries · 24h
CHW activity time · supervision · no CPT generation.
19 entries · 24h
Identity · permission · consent · audit emission.
11 entries · 24h
Live tail · 24h · ledger-tagged
| When | Actor | Action | Ledger | Evidence |
|---|---|---|---|---|
| 14:38Z | Operator Console | Hybrid note staged for sign-off | Clinical / CPT | REF-EV-0042 |
| 14:21Z | Audit emitter | Consent state updated | Platform / Auth / Audit | REF-EV-0043 |
| 14:14Z | Operator Console | CPT candidate staged | Clinical / CPT | REF-EV-0042 |
| 14:08Z | Provider Group Demo | Hybrid note opened | Clinical / CPT | REF-EV-0042 |
| 14:02Z | CHW Team Member 03 | Smart visit captured | Clinical / CPT | REF-EV-0042 |
| 13:42Z | CHW Team Member 03 | Vital-sign flag raised | Clinical / CPT | REF-EV-0045 |
| 13:24Z | Workforce ledger | Time block logged (3.4h) | Workforce / Payroll | — |
| 12:55Z | Network Partner A | Referral acknowledged · REF-0001 | Platform / Auth / Audit | — |
PHI-minimized metadata only · raw transcripts & audio telemetry stay under custody.
Operational stream inspector and synthetic traffic analyzers
str_session_992aa9JP-DEMO-0042 (Johnson, Evelyn)dr_adler_v1 (Clinical Provider)d1:joy_platform_d1:Platform_Auth_AuditSimulate network failures and force secure custody compliance audits
Dev preview only
| Flag | Env | State | Owner |
|---|---|---|---|
| telehealth.broadcast | dev | provider_user | |
| smart_visit.barrier_capture | dev | chw_user | |
| geospatial.live_chw_marker | dev | platform | |
| biller.commercial_ledger_writes | — | biller_user (future) | |
| admin.impersonate_in_production | — | locked · sealed gate required |
Cloudflare Pages dev preview
| Surface | State | Updated |
|---|---|---|
| Public website + portalsjoypartnersos-public-website.pages.dev | Live | min ago |
| www.joypartners.healthexisting Workers app · not in this lane | Workers | — |
| app.joypartners.health | Reserved | — |
| admin.joypartners.health | Reserved | — |
| api.joypartners.health | Reserved | — |
Lane sequence
Commercial architecture v2 merged on main · da55793
Cloudflare Pages deploy authorized + executed
v2 portal prototype + v3 geospatial + v4 helper pages
v5 sidebar + multi-section dashboards
Image 2.0 production-photo integration
Google Maps Platform production-integration planning
Real auth + RBAC architecture planning
Dev-only audited impersonation
Super Dev Admin authenticates normally then uses dev-only audited impersonation under a separately authorized non-production gate. Production auth bypass is prohibited.
"Super admin bypasses login auth" is explicitly prohibited. The safe pattern is authenticated dev-only audited impersonation.