SCRIMED Cyber Defense Command Center
Turn security into an operating control plane across every SCRIMED route.
SCRIMED Cyber Defense Command Center is a synthetic/no-PHI security-readiness and control-monitoring layer. It does not claim security certification, HIPAA compliance, SOC 2, HITRUST, penetration-test completion, breach immunity, PHI authority, production connector approval, or customer go-live.
Cybersecurity Posture
SCRIMED now treats cybersecurity as an operating control plane: browser hardening, request sanitization, protected-route fail-closed behavior, token redaction, no-PHI safety governance, incident lanes, and buyer diligence cards are visible and contract-tested.
SCRIMED's current cyber layer is designed for no-PHI diligence, synthetic pilots, protected operator evidence, and future regulated deployment preparation.
The current posture preserves fail-closed protected routes, browser hardening, proxy sanitization, token redaction, no-secret tests, and explicit no-authority headers.
External WAF, SIEM, penetration testing, SBOM signing, and customer-specific controls remain required before PHI authority.
Buyer Security Diligence Cards
Procurement-grade answers are packaged as auditable, synthetic-only control cards.
AAL2 and role-scoped operator access
How does SCRIMED constrain protected operator and evidence workflows?
- Category: identity_access
- Owner: Security lead + tenant administrator
- Review cadence: Before each protected no-PHI pilot evidence run.
- Evidence routes: /qa-aal2-run-evidence, /api/scrimed-cyber-defense/evidence-packet
- Required next evidence: Run strict AAL2 durable-store smoke with an authorized role and attach only the redacted token fingerprint result.
- Human review required: true
- Synthetic only: true
- Audit hash: scrimed-intel-106ddb8d
- Blocked claims: No security certification assertion. No breach immunity assertion. No live PHI authority. No customer go-live authority. No production connector approval. No autonomous clinical authority.
- Residual risk: Customer SSO, SCIM, emergency access, and tenant-specific access review evidence remain deployment-specific work.
Token, secret, and credential exposure controls
How does SCRIMED avoid exposing credentials during demos, smokes, and buyer evidence review?
- Category: token_secret_protection
- Owner: Platform security
- Review cadence: Every release candidate and before any protected smoke evidence is shared.
- Evidence routes: scripts/aal2-bearer-token-helper.mjs, scripts/lib/aal2-token-policy.mjs, npm run test:nonsecret
- Required next evidence: Attach managed secret-scan output and rotation runbook metadata before PHI-bearing review.
- Human review required: true
- Synthetic only: true
- Audit hash: scrimed-intel-a660ce49
- Blocked claims: No security certification assertion. No breach immunity assertion. No live PHI authority. No customer go-live authority. No production connector approval. No autonomous clinical authority.
- Residual risk: Managed secrets scanning and production secret rotation still require external CI/platform configuration.
Protected route fail-closed posture
Do protected APIs fail closed when authentication, AAL2, tenant context, or role checks are missing?
- Category: protected_route_boundary
- Owner: Platform reliability + security
- Review cadence: Every protected-route change.
- Evidence routes: /api/workflows/execution-attempts/durable-store, npm run smoke:execution-attempt-durable-store
- Required next evidence: Attach customer-specific protected-route access review after SSO/RBAC configuration.
- Human review required: true
- Synthetic only: true
- Audit hash: scrimed-intel-9f8b432f
- Blocked claims: No security certification assertion. No breach immunity assertion. No live PHI authority. No customer go-live authority. No production connector approval. No autonomous clinical authority.
- Residual risk: Production authorization evidence still needs customer identity-provider integration and deployment logs.
No-PHI and raw-payload boundary
What prevents synthetic diligence routes from becoming live PHI processing paths?
- Category: data_boundary
- Owner: Privacy lead + clinical governance
- Review cadence: Every clinical, connector, or data-ingestion scope expansion.
- Evidence routes: /api/scrimed-cyber-defense, app/lib/scrimedSafetyGovernance.ts
- Required next evidence: Complete privacy risk assessment, BAA/customer agreement, retention policy, and customer-specific data-flow review.
- Human review required: true
- Synthetic only: true
- Audit hash: scrimed-intel-06ad3044
- Blocked claims: No security certification assertion. No breach immunity assertion. No live PHI authority. No customer go-live authority. No production connector approval. No autonomous clinical authority.
- Residual risk: Live PHI processing requires legal, privacy, retention, customer, infrastructure, and incident-response approvals outside this code path.
Proxy and request-header sanitization
How does SCRIMED reduce middleware-bypass and suspicious forwarded-header risk?
- Category: request_sanitization
- Owner: Platform security + infrastructure
- Review cadence: Every proxy, routing, or security-header change.
- Evidence routes: proxy.ts, next.config.js, npm run smoke:scrimed-cyber-defense
- Required next evidence: Attach deployment WAF/bot-management policy and CSP report workflow before regulated traffic.
- Human review required: true
- Synthetic only: true
- Audit hash: scrimed-intel-734f79e5
- Blocked claims: No security certification assertion. No breach immunity assertion. No live PHI authority. No customer go-live authority. No production connector approval. No autonomous clinical authority.
- Residual risk: External WAF and bot-management controls remain deployment-specific defense-in-depth requirements.
API abuse and model-cost guardrails
How does SCRIMED reduce billing-spike and automated abuse risk while provider calls are disabled by default?
- Category: api_abuse_cost_guardrail
- Owner: Platform reliability + finance operations
- Review cadence: Every model-router, provider, or public API expansion.
- Evidence routes: app/lib/costApiGuardrails.ts, app/lib/requestRateLimit.ts, docs/RISK_REGISTER.md
- Required next evidence: Attach tenant quota policy, billing alert thresholds, and abuse-response runbook before paid provider exposure.
- Human review required: true
- Synthetic only: true
- Audit hash: scrimed-intel-5034046f
- Blocked claims: No security certification assertion. No breach immunity assertion. No live PHI authority. No customer go-live authority. No production connector approval. No autonomous clinical authority.
- Residual risk: Production billing anomaly alerting, WAF throttling, and tenant-specific quotas must be configured in hosting/provider systems.
Incident response and tabletop readiness
What happens if a token, PHI-risk submission, protected route, or public route is abused?
- Category: incident_response
- Owner: Security lead + privacy lead + release steward
- Review cadence: Quarterly before regulated pilots and after every security incident.
- Evidence routes: /scrimed-cyber-defense, docs/scrimed-cyber-defense.md
- Required next evidence: Attach redacted tabletop notes, escalation roster, SIEM/log-drain proof, and incident communications template.
- Human review required: true
- Synthetic only: true
- Audit hash: scrimed-intel-b24fb29a
- Blocked claims: No security certification assertion. No breach immunity assertion. No live PHI authority. No customer go-live authority. No production connector approval. No autonomous clinical authority.
- Residual risk: Tabletop exercise records, SIEM proof, pager escalation, and customer notification paths are not established by code alone.
Vendor connector and production integration readiness
What remains blocked before EHR, payer, imaging, or device connector activation?
- Category: vendor_connector_readiness
- Owner: Security lead + integration owner + customer security
- Review cadence: Per connector and per customer environment.
- Evidence routes: /release-continuity, /boundary-release-approvals, /approvals-readiness
- Required next evidence: Complete connector threat model, least-privilege scope map, rollback drill, legal approval, and customer security approval.
- Human review required: true
- Synthetic only: true
- Audit hash: scrimed-intel-f2dcc457
- Blocked claims: No security certification assertion. No breach immunity assertion. No live PHI authority. No customer go-live authority. No production connector approval. No autonomous clinical authority.
- Residual risk: Each connector needs vendor security review, least-privilege scopes, rollback plan, monitoring, and customer signoff.
Enforced Controls
Controls are categorized by surface, status, evidence, protected assets, and retained boundary.
Global browser security headers
Next.js response headers enforce CSP, frame denial, MIME sniffing prevention, referrer limits, HSTS, CORP, COOP, Origin-Agent-Cluster, and restricted browser permissions.
- Evidence: next.config.js, npm run build, npm run smoke:public
- Protected assets: public app routes, investor/buyer surfaces, synthetic readiness APIs
- Verification: Contract check verifies hardened headers stay present.
- Boundary: No PHI, no production credentials, no raw connector payloads, no customer go-live approval, no production connector approval, no security certification claim, and no breach guarantee.
Proxy request-header sanitizer
Next proxy strips middleware-bypass, debug-token, API-key, and forwarded token headers before App Router handlers receive requests.
- Evidence: proxy.ts, npm run smoke:scrimed-cyber-defense
- Protected assets: all non-static routes, protected AAL2 APIs, public diligence routes
- Verification: Contract check requires x-middleware-subrequest stripping and proxy guard headers.
- Boundary: No PHI, no production credentials, no raw connector payloads, no customer go-live approval, no production connector approval, no security certification claim, and no breach guarantee.
Protected APIs fail closed
Protected durable-store and buyer evidence paths require authorized AAL2 bearer context and return fail-closed responses without valid sessions.
- Evidence: scripts/execution-attempt-durable-store-authenticated-smoke.mjs, scripts/aal2-token-policy-selftest.mjs
- Protected assets: execution attempt evidence, boundary release evidence, tenant-scoped pilot workspaces
- Verification: Nonsecret suite runs missing-token and policy checks without logging tokens.
- Boundary: No PHI, no production credentials, no raw connector payloads, no customer go-live approval, no production connector approval, no security certification claim, and no breach guarantee.
Cost and API abuse guardrails
Request counting, cost guardrail metadata, provider-call kill switch defaults, and safe synthetic limits constrain high-volume abuse paths.
- Evidence: app/lib/requestRateLimit.ts, app/lib/costApiGuardrails.ts, docs/RISK_REGISTER.md
- Protected assets: model-router budget, public APIs, synthetic evaluation endpoints
- Verification: Readiness contracts keep provider calls disabled by default unless explicitly configured.
- Boundary: No PHI, no production credentials, no raw connector payloads, no customer go-live approval, no production connector approval, no security certification claim, and no breach guarantee.
Token and secret redaction
Bearer-token helper, smoke paths, and policy tests use fingerprints and redaction rather than writing or logging full credentials.
- Evidence: scripts/aal2-bearer-token-helper.mjs, scripts/lib/aal2-token-policy.mjs
- Protected assets: AAL2 bearer tokens, Supabase sessions, local .env.local
- Verification: Nonsecret suite clears token env vars and validates local helper behavior without exposing secrets.
- Boundary: No PHI, no production credentials, no raw connector payloads, no customer go-live approval, no production connector approval, no security certification claim, and no breach guarantee.
PHI and clinical authority safety gate
Central safety gate blocks live PHI, final clinical decision authority, treatment, prescribing, outreach, payer submission, EHR writeback, connector approval, and certification claims.
- Evidence: app/lib/scrimedSafetyGovernance.ts, app/api/scrimed-cyber-defense/route.ts
- Protected assets: clinical-facing copy, AI workflow APIs, public diligence materials
- Verification: API route evaluates safety governance before returning cyber-defense metadata.
- Boundary: No PHI, no production credentials, no raw connector payloads, no customer go-live approval, no production connector approval, no security certification claim, and no breach guarantee.
No-secret regression suite
Nonsecret test runner clears bearer-token environment variables and validates generated-integrity, safety, AAL2, and SCRIMED control contracts.
- Evidence: scripts/scrimed-nonsecret-test-suite.mjs, scripts/check-generated-integrity.mjs
- Protected assets: CI quality gates, source tree integrity, nonsecret developer workflows
- Verification: npm run test:nonsecret runs the cyber-defense contract with credentials blanked.
- Boundary: No PHI, no production credentials, no raw connector payloads, no customer go-live approval, no production connector approval, no security certification claim, and no breach guarantee.
Security assurance pipeline
A no-secret assurance contract checks hardening headers, proxy sanitization, forbidden claims, token-like leaks, route wiring, and retained authority boundaries.
- Evidence: app/lib/scrimedSecurityAssurancePipeline.ts, scripts/scrimed-security-assurance-contract-check.mjs
- Protected assets: source code, docs, scripts, public cyber route, nonsecret CI gates
- Verification: npm run security:assurance and npm run test:nonsecret keep the assurance gate active.
- Boundary: No PHI, no production credentials, no raw connector payloads, no customer go-live approval, no production connector approval, no security certification claim, and no breach guarantee.
Incident response readiness lanes
Incident lanes define first response for token leakage, suspicious agent action, PHI exposure risk, dependency alert, and public-route abuse.
- Evidence: docs/scrimed-cyber-defense.md, /scrimed-cyber-defense
- Protected assets: operators, buyers, evidence routes, future PHI programs
- Verification: Requires external owner assignment, SIEM/log drain setup, and tabletop exercise before production PHI authority.
- Boundary: No PHI, no production credentials, no raw connector payloads, no customer go-live approval, no production connector approval, no security certification claim, and no breach guarantee.
Threat Matrix
Every major threat receives a current mitigation, detection signal, escalation path, and residual risk.
Prompt injection and tool misuse
Untrusted content, future RAG sources, agent tool calls, MCP connectors.
- Detection: Unexpected tool request, missing citation, untrusted source escalation, denied policy decision.
- Escalation: Pause automation, route to security lead and clinical governance, convert trace into regression test.
- Residual risk: Future live connectors require external penetration testing, red-team evaluation, and customer-specific policy review.
Credential or bearer-token leakage
Local terminals, browser console, protected smoke tests, environment files, logs.
- Detection: Token-like value in logs, invalid/expired token preflight, suspicious forwarded auth header.
- Escalation: Clear clipboard, rotate token/session, revoke compromised session, rerun nonsecret suite.
- Residual risk: Production secret rotation playbooks and managed secrets scanning must be externally operated.
PHI exposure before approval
Synthetic demos, future import pipelines, user pasted text, connector payloads.
- Detection: PHI pattern match, live-patient wording, raw payload attempt, connector write request.
- Escalation: Block request, isolate artifact, require privacy/security review, document root cause.
- Residual risk: Live PHI authority requires BAA, privacy program, logging controls, retention policy, and customer-specific approval.
Middleware/proxy bypass header abuse
Inbound HTTP headers and reverse-proxy forwarding behavior.
- Detection: X-SCRIMED-Middleware-Bypass-Header response value shows stripped.
- Escalation: Inspect upstream proxy, add WAF rule, verify protected routes still fail closed.
- Residual risk: External WAF enforcement and platform log correlation remain deployment tasks.
API abuse and model-cost spike
Public APIs, synthetic evaluation routes, model-router scaffolds, future provider calls.
- Detection: Request-count threshold, cost threshold, repeated synthetic-eval calls, provider-call kill switch.
- Escalation: Return safe error, enable stricter route limits, review source IP and tenant context.
- Residual risk: Production-grade WAF, bot rules, and billing anomaly alerts require hosting-provider configuration.
Supply-chain and generated artifact drift
Node dependencies, generated .next artifacts, build cache, package overrides.
- Detection: Integrity check failure, npm audit finding, unexpected generated duplicate.
- Escalation: Clean generated cache, review dependency advisory, patch or pin safely.
- Residual risk: SBOM signing and external dependency scanning should be added before regulated deployment.
Security Assurance Pipeline
No-secret security checks convert cyber readiness into repeatable release evidence.
Static token and secret leak scan
Source files must not contain live bearer tokens, JWTs, API keys, private keys, or cloud credentials.
- Category: secret_detection
- Evidence: npm run security:assurance, npm run test:nonsecret
- Failure mode: A live credential-like value enters source, docs, scripts, or route code.
- Manual follow-up: Rotate the affected credential, remove the value, preserve only a fingerprint, and rerun nonsecret checks.
Global security header regression gate
CSP, HSTS, frame denial, no-sniff, CORP, COOP, Origin-Agent-Cluster, and restricted Permissions-Policy must remain present.
- Category: browser_hardening
- Evidence: next.config.js, npm run smoke:scrimed-cyber-defense
- Failure mode: A route or refactor removes browser hardening or no-authority response headers.
- Manual follow-up: Review CSP compatibility and add report-only monitoring before stricter enforcement.
Middleware/proxy bypass header guard
Inbound x-middleware-subrequest and token-like debug headers must be stripped before route handlers receive requests.
- Category: request_sanitization
- Evidence: proxy.ts, live header smoke
- Failure mode: A crafted header influences route behavior or bypass assumptions.
- Manual follow-up: Mirror the stripping rule at WAF or reverse-proxy level before regulated deployment.
Protected API fail-closed evidence
Protected AAL2 and buyer-evidence routes must fail closed without valid authorized context.
- Category: protected_access
- Evidence: npm run smoke:public, scripts/aal2-token-policy-selftest.mjs
- Failure mode: Unauthenticated access succeeds or exposes protected evidence.
- Manual follow-up: Inspect auth/RBAC/RLS policy, revoke suspect sessions, and rerun strict AAL2 smoke with a valid short-lived token.
No-PHI and clinical authority boundary
No route, page, doc, or script may claim live PHI authority, autonomous clinical care, payer submission, or EHR writeback.
- Category: phi_boundary
- Evidence: app/lib/scrimedSafetyGovernance.ts, docs/NO_PHI_POLICY.md
- Failure mode: Marketing or operator copy implies authority that SCRIMED does not have.
- Manual follow-up: Route copy through legal, privacy, clinical governance, and qualified external reviewers before release.
Generated integrity and dependency posture
Generated duplicate files must not corrupt resolution, and dependency/security evidence must be ready for external review.
- Category: supply_chain
- Evidence: scripts/check-generated-integrity.mjs, package.json
- Failure mode: Generated duplicates, unsafe dependency drift, or missing dependency evidence blocks clean deploy review.
- Manual follow-up: Add SBOM generation, dependency scan, provenance signing, and external vulnerability review before PHI authority.
Framework dependency security floor
Next.js, React, React DOM, eslint-config-next, and postcss must remain pinned to reviewed versions at or above the current SCRIMED security floor.
- Category: dependency_floor
- Evidence: npm run security:dependency-floor, package.json, package-lock.json
- Failure mode: A dependency update or merge conflict silently downgrades SCRIMED below the approved framework security floor.
- Manual follow-up: Review Next.js and React security advisories, update lockfile through npm ci/install in a trusted environment, then rerun nonsecret checks.
CI workflow governance contract
Main CI and protected smoke workflows must retain no-secret validation, read-only permissions, deterministic Node setup, explicit timeouts, and no fail-open patterns.
- Category: ci_workflow
- Evidence: npm run contract:ci-workflows, .github/workflows/ci.yml, .github/workflows/*smoke.yml
- Failure mode: A workflow edit removes safety checks, disables failure, prints secrets, or leaves protected smokes without timeouts.
- Manual follow-up: Review GitHub Actions logs, rotate any exposed credential, restore fail-closed checks, and rerun the nonsecret suite before merge.
Incident response lane coverage
Token leakage, PHI exposure risk, protected-route abuse, and public-route abuse must have owners and first-response steps.
- Category: incident_response
- Evidence: app/lib/scrimedCyberDefenseCommandCenter.ts, docs/scrimed-cyber-defense.md
- Failure mode: Security event response depends on ad hoc operator memory instead of a defined lane.
- Manual follow-up: Run a tabletop exercise and attach SIEM/log-drain evidence before production PHI workflows.
External deployment assurance boundary
WAF, bot controls, SIEM/log drains, customer-specific threat models, penetration testing, and legal/security review are required before authority expands.
- Category: deployment_boundary
- Evidence: docs/scrimed-cyber-defense.md, /scrimed-cyber-defense
- Failure mode: The platform claims regulated or customer go-live readiness before external controls exist.
- Manual follow-up: Complete external WAF, SIEM, SBOM, penetration test, incident tabletop, and customer-specific approvals.
Security Release Readiness Gate
SCRIMED can show synthetic and buyer-diligence readiness while keeping PHI and go-live authority blocked.
Current authority: synthetic-and-no-phi-only
SCRIMED Security Release Readiness is a no-PHI go/no-go control ladder. It permits synthetic demos, buyer diligence, and protected no-PHI pilot preparation only. It does not approve live PHI, customer go-live, production connectors, payer submission, EHR writeback, regulated clinical use, security certification, SOC 2, HITRUST, HIPAA, FDA, penetration-test completion, or breach immunity.
- PHI authority: not-authorized-production-phi
- Customer go-live: not-customer-go-live-approved
- Go gates: 3
- Conditional gates: 1
- No-go gates: 2
Synthetic demo ready
Allowed: Public no-PHI demos, Synthetic evaluation, Investor/buyer proof review, Internal security assurance
- Required evidence: No-secret assurance, Browser hardening, Proxy sanitizer, Safety governance
- Exit criteria: Public smoke passes, Security assurance passes, No unsafe claims detected
Buyer diligence ready
Allowed: Buyer diligence packets, Protected evidence review, No-PHI pilot scoping
- Required evidence: Protected routes fail closed, No-authority headers, Risk and boundary docs
- Exit criteria: Protected route smoke passes, Security release ladder remains no-PHI
Protected no-PHI pilot ready
Allowed: AAL2 protected no-PHI pilot workspace, Short-lived authorized operator smoke, Evidence binding
- Required evidence: Strict AAL2 happy path, Tenant role verification, Durable-store feature flag enabled
- Exit criteria: Authorized operator smoke passes, Reviewer roles verified, No PHI fixtures used
PHI preproduction blocked
Allowed: Planning only, External evidence collection, Customer security questionnaire preparation
- Required evidence: WAF, SIEM, SBOM, external security review, privacy risk assessment
- Exit criteria: Qualified external reviewers approve evidence, Legal/privacy owners sign release packet
Live PHI production blocked
Allowed: No code-only activation
- Required evidence: BAA/customer agreement, incident tabletop, retention policy, customer-specific threat model
- Exit criteria: Formal customer, legal, privacy, security, and clinical governance approvals exist outside code
Security Diligence Evidence Packet
Buyer and investor evidence is packaged as redacted metadata with explicit blocked-authority boundaries.
Buyer diligence share-ready: true
SCRIMED Security Diligence Evidence Packet is a metadata-only buyer and investor review layer. It packages no-PHI security evidence, retained boundaries, manual operator actions, and external evidence requirements without exposing secrets, tokens, raw logs, PHI, production connector payloads, or customer go-live authority.
- Ready to share: 4
- Manual operator required: 1
- External evidence required: 2
- Blocked until approved: 1
- Questionnaire responses: 8
- Questionnaire ready: 3
- Questionnaire external evidence gaps: 4
- PHI production share-ready: false
- Customer go-live share-ready: false
Browser and proxy hardening packet
How does SCRIMED reduce public-route browser and middleware-bypass risk?
- Category: platform_controls
- Owner: Platform security
- Release stage: buyer_diligence_ready
- Redaction rule: Share header names, contract status, and control rationale only; do not share raw request logs.
- Boundary: No live PHI, no production credentials, no raw log exports, no raw connector payloads, no payer submission, no EHR writeback, no production connector approval, no security certification claim, and no customer go-live approval.
No-secret regression packet
How does SCRIMED prevent credentials, tokens, or unsafe claims from entering review artifacts?
- Category: platform_controls
- Owner: Platform security
- Release stage: buyer_diligence_ready
- Redaction rule: Share command names, pass/fail status, and fingerprints only; never share full bearer tokens or keys.
- Boundary: No live PHI, no production credentials, no raw log exports, no raw connector payloads, no payer submission, no EHR writeback, no production connector approval, no security certification claim, and no customer go-live approval.
Protected route fail-closed packet
Do protected buyer, operator, evidence, and AAL2 routes fail closed without authorized context?
- Category: access_control
- Owner: Platform reliability + security
- Release stage: buyer_diligence_ready
- Redaction rule: Share status codes and route categories only; do not share tenant records, tokens, or request payloads.
- Boundary: No live PHI, no production credentials, no raw log exports, no raw connector payloads, no payer submission, no EHR writeback, no production connector approval, no security certification claim, and no customer go-live approval.
AAL2 operator validation packet
Can an authorized short-lived AAL2 session perform protected no-PHI evidence writes?
- Category: access_control
- Owner: Authorized tenant admin, pilot lead, or reviewer
- Release stage: protected_no_phi_pilot_ready
- Redaction rule: Share token fingerprint and command result only; never share the token, session JSON, or local .env.local.
- Boundary: No live PHI, no production credentials, no raw log exports, no raw connector payloads, no payer submission, no EHR writeback, no production connector approval, no security certification claim, and no customer go-live approval.
Release readiness ladder packet
What is SCRIMED allowed to show today, and what remains blocked before PHI or customer activation?
- Category: release_governance
- Owner: Release steward
- Release stage: buyer_diligence_ready
- Redaction rule: Share release stages, retained boundaries, and required evidence; do not imply expanded authority.
- Boundary: No live PHI, no production credentials, no raw log exports, no raw connector payloads, no payer submission, no EHR writeback, no production connector approval, no security certification claim, and no customer go-live approval.
Incident tabletop packet
Has SCRIMED rehearsed incident handling for token leakage, PHI exposure risk, and protected-route abuse?
- Category: incident_readiness
- Owner: Security lead + privacy lead + clinical governance
- Release stage: phi_preproduction_blocked
- Redaction rule: Share tabletop summary and role matrix only after redaction; do not share raw incident logs.
- Boundary: No live PHI, no production credentials, no raw log exports, no raw connector payloads, no payer submission, no EHR writeback, no production connector approval, no security certification claim, and no customer go-live approval.
WAF, SIEM, SBOM, and external review packet
Which deployment-specific security controls must exist before regulated or PHI-bearing review?
- Category: external_dependency
- Owner: Security lead + qualified external reviewers
- Release stage: phi_preproduction_blocked
- Redaction rule: Share external attestation metadata and redacted summaries only; do not share sensitive infrastructure details.
- Boundary: No live PHI, no production credentials, no raw log exports, no raw connector payloads, no payer submission, no EHR writeback, no production connector approval, no security certification claim, and no customer go-live approval.
BAA, privacy, retention, and customer approval packet
What evidence is required before live PHI, production connectors, or customer activation can be considered?
- Category: retained_boundary
- Owner: Legal + privacy + customer security
- Release stage: live_phi_production_blocked
- Redaction rule: Share existence and approval status only through authorized legal/security review channels.
- Boundary: No live PHI, no production credentials, no raw log exports, no raw connector payloads, no payer submission, no EHR writeback, no production connector approval, no security certification claim, and no customer go-live approval.
access_control
Describe SCRIMED access control, privileged access, and protected workflow safeguards.
- Evidence artifacts: protected-route-fail-closed-packet, aal2-operator-validation-packet
- Supporting routes: /qa-aal2-run-evidence, /api/scrimed-cyber-defense/evidence-packet
- Owner: Security lead + tenant administrator
- External evidence needed: Customer SSO/RBAC evidence, access-review cadence, and emergency-access procedure.
- Human review required: true
- Redaction boundary: Share status codes, route classes, role labels, and token fingerprints only.
- Cannot say: Do not claim customer SSO acceptance before customer identity-provider review. Do not share bearer tokens, session JSON, tenant records, or local .env.local values. Do not imply production PHI authority from no-PHI AAL2 smoke evidence.
- Audit hash: scrimed-intel-0bc66527
data_protection
How does SCRIMED protect sensitive data during current demos and diligence?
- Evidence artifacts: release-readiness-ladder-packet, baa-privacy-retention-packet
- Supporting routes: /scrimed-cyber-defense, /approvals-readiness, /global-certification-readiness
- Owner: Privacy lead + legal owner
- External evidence needed: BAA/DPA path, privacy risk assessment, retention policy, and customer-specific data-flow approval.
- Human review required: true
- Redaction boundary: Share boundary language, evidence classes, owners, and approval gaps only.
- Cannot say: Do not claim live PHI processing authority. Do not claim BAA/DPA execution unless a specific agreement exists outside this packet. Do not paste or store customer data in this public evidence packet.
- Audit hash: scrimed-intel-29c5d7b3
application_security
What application security controls are visible in the current SCRIMED app?
- Evidence artifacts: browser-proxy-hardening-packet, no-secret-regression-packet
- Supporting routes: /api/scrimed-cyber-defense, next.config.js, proxy.ts
- Owner: Platform security
- External evidence needed: WAF policy, bot-management rule summary, CSP report workflow, and external application security review.
- Human review required: true
- Redaction boundary: Share control names, contract checks, and no-authority headers; keep raw traffic details outside the packet.
- Cannot say: Do not represent header hardening as independent penetration-test completion. Do not share raw request logs or infrastructure-sensitive details. Do not imply WAF or bot-management configuration unless deployment evidence exists.
- Audit hash: scrimed-intel-512a0e38
incident_response
How would SCRIMED respond to credential leakage, protected route abuse, or PHI exposure risk?
- Evidence artifacts: incident-tabletop-packet
- Supporting routes: /scrimed-cyber-defense, docs/scrimed-cyber-defense.md
- Owner: Security lead + privacy lead
- External evidence needed: Tabletop notes, escalation roster, SIEM/log-drain proof, and customer notification template.
- Human review required: true
- Redaction boundary: Share role matrix, triggers, and redacted tabletop summaries only.
- Cannot say: Do not claim completed tabletop exercise until external notes exist. Do not share raw incident logs. Do not promise incident outcomes or breach immunity.
- Audit hash: scrimed-intel-63565aba
infrastructure
Which infrastructure controls are required before regulated deployment?
- Evidence artifacts: waf-siem-sbom-review-packet
- Supporting routes: /release-continuity, /production-architecture, /scrimed-cyber-defense
- Owner: Infrastructure owner + security lead
- External evidence needed: Deployment WAF policy, log-drain proof, SBOM artifact, vulnerability scan summary, and rollback evidence.
- Human review required: true
- Redaction boundary: Share evidence checklist and redacted control summaries only.
- Cannot say: Do not claim deployment-specific WAF/SIEM/SBOM completion from code metadata alone. Do not expose infrastructure topology, credentials, IP addresses, or vulnerability details. Do not equate internal readiness with customer security acceptance.
- Audit hash: scrimed-intel-e17388d4
ai_governance
How does SCRIMED govern AI outputs and prevent autonomous clinical authority?
- Evidence artifacts: release-readiness-ladder-packet
- Supporting routes: /scrimed-intelligence-safety-stack, /scrimed-agent-governance, /clinical-authority-readiness
- Owner: Clinical governance + AI safety owner
- External evidence needed: Clinical validation plan, external clinical governance approval, intended-use review, and customer workflow signoff.
- Human review required: true
- Redaction boundary: Share safety boundaries, governance gates, audit metadata, and review requirements.
- Cannot say: Do not claim independent diagnostic, treatment, prescribing, payer-submission, patient-outreach, EHR-writeback, or final imaging authority. Do not claim clinical validation or regulatory clearance from synthetic evaluation. Do not remove human-review language from buyer-facing answers.
- Audit hash: scrimed-intel-67785f87
business_continuity
What is SCRIMED's current resilience, rollback, and continuity posture?
- Evidence artifacts: release-readiness-ladder-packet
- Supporting routes: /release-continuity, /service-reliability, /production-architecture
- Owner: Platform reliability + release steward
- External evidence needed: Backup/restore test, monitoring dashboards, incident SLA policy, and customer-approved continuity plan.
- Human review required: true
- Redaction boundary: Share release lanes, rollback checklists, and recovery evidence requirements only.
- Cannot say: Do not claim disaster-recovery completion without tested restore evidence. Do not claim uptime commitments without signed service terms. Do not imply production customer go-live authority.
- Audit hash: scrimed-intel-b35a4d1d
vendor_risk
What evidence is required before SCRIMED integrates with EHR, payer, imaging, or device systems?
- Evidence artifacts: baa-privacy-retention-packet, waf-siem-sbom-review-packet
- Supporting routes: /boundary-release-approvals, /approvals-readiness, /health-records
- Owner: Integration owner + customer security
- External evidence needed: Connector threat model, scope map, sandbox evidence, credential-management procedure, rollback drill, and customer signoff.
- Human review required: true
- Redaction boundary: Share connector readiness stages, blocked actions, and external evidence requirements only.
- Cannot say: Do not claim production connector approval. Do not claim EHR writeback, payer submission, or device integration authority. Do not share connector credentials, endpoints, raw payloads, or customer topology.
- Audit hash: scrimed-intel-d402c1aa
What can SCRIMED safely demonstrate today?
SCRIMED can demonstrate synthetic/no-PHI cyber controls, browser and proxy hardening, no-secret checks, protected route fail-closed behavior, and buyer diligence evidence boundaries.
- Remaining manual step: Keep evidence packet redacted and metadata-only for all public or buyer-facing review.
What blocks protected no-PHI pilot expansion?
The protected no-PHI lane needs an authorized short-lived AAL2 operator happy-path run and reviewer-role verification before broader protected evidence workflows are treated as ready.
- Remaining manual step: Run strict AAL2 durable-store smoke with a valid tenant-admin, pilot-lead, or reviewer session.
What blocks PHI preproduction or live production?
PHI-bearing or regulated production use remains blocked until external WAF/bot controls, SIEM/log drains, SBOM/dependency evidence, external security review, legal/privacy artifacts, and customer-specific approvals exist.
- Remaining manual step: Collect deployment-specific external evidence and route it through legal, privacy, security, and clinical governance.
Incident Readiness
Response lanes keep token, protected-route, PHI-risk, and public-route events operator-owned.
Token leakage response
Credential-like value appears in output, logs, screenshot, chat, or forwarded header.
- Evidence route: /qa-aal2-run-evidence
- Boundary: No PHI, no production credentials, no raw connector payloads, no customer go-live approval, no production connector approval, no security certification claim, and no breach guarantee.
Protected route abuse response
Protected AAL2 route receives unauthenticated, malformed, repeated, or unexpected-role access.
- Evidence route: /workflows/execution-attempts
- Boundary: No PHI, no production credentials, no raw connector payloads, no customer go-live approval, no production connector approval, no security certification claim, and no breach guarantee.
PHI exposure risk response
Potential live PHI or raw connector payload is submitted to a no-PHI SCRIMED path.
- Evidence route: /health-records
- Boundary: No PHI, no production credentials, no raw connector payloads, no customer go-live approval, no production connector approval, no security certification claim, and no breach guarantee.
Public route abuse response
Traffic spike, abnormal request pattern, bot pressure, or suspicious security header probe.
- Evidence route: /release-continuity
- Boundary: No PHI, no production credentials, no raw connector payloads, no customer go-live approval, no production connector approval, no security certification claim, and no breach guarantee.
Next Hardening Moves
These are the next steps before regulated data, connectors, customer activation, or broader release authority.
Attach production WAF and bot-management rules to public and protected routes.
No live PHI or ePHI authority. No production credentials or raw connector payloads in logs, UI, tests, or chat output. No final clinical diagnosis authority, treatment, prescribing, payer submission, patient outreach, EHR writeback, or final imaging interpretation. No production connector approval, customer go-live approval, security certification claim, or breach guarantee.
Configure managed log drains or SIEM export with token/PHI redaction and retention controls.
No live PHI or ePHI authority. No production credentials or raw connector payloads in logs, UI, tests, or chat output. No final clinical diagnosis authority, treatment, prescribing, payer submission, patient outreach, EHR writeback, or final imaging interpretation. No production connector approval, customer go-live approval, security certification claim, or breach guarantee.
Add SBOM generation, dependency scan, secret scan, and provenance signing to CI.
No live PHI or ePHI authority. No production credentials or raw connector payloads in logs, UI, tests, or chat output. No final clinical diagnosis authority, treatment, prescribing, payer submission, patient outreach, EHR writeback, or final imaging interpretation. No production connector approval, customer go-live approval, security certification claim, or breach guarantee.
Run external penetration test and healthcare privacy/security tabletop before PHI authority.
No live PHI or ePHI authority. No production credentials or raw connector payloads in logs, UI, tests, or chat output. No final clinical diagnosis authority, treatment, prescribing, payer submission, patient outreach, EHR writeback, or final imaging interpretation. No production connector approval, customer go-live approval, security certification claim, or breach guarantee.
Add CSP report-only endpoint and review workflow before enforcing any stricter policy that could affect Next.js runtime assets.
No live PHI or ePHI authority. No production credentials or raw connector payloads in logs, UI, tests, or chat output. No final clinical diagnosis authority, treatment, prescribing, payer submission, patient outreach, EHR writeback, or final imaging interpretation. No production connector approval, customer go-live approval, security certification claim, or breach guarantee.
Add customer-specific threat models before any production connector, EHR, payer, imaging, or device integration.
No live PHI or ePHI authority. No production credentials or raw connector payloads in logs, UI, tests, or chat output. No final clinical diagnosis authority, treatment, prescribing, payer submission, patient outreach, EHR writeback, or final imaging interpretation. No production connector approval, customer go-live approval, security certification claim, or breach guarantee.