Licensed Documentation
The public site you are reading now covers what HCE does and how to operate it. It deliberately does not expose internal architecture, data schemas, deployment runbooks, integration internals, or the threat model.
That level of detail exists. It is reserved for customers and integrators with a legitimate need, under a support agreement or NDA.
Why we keep the deep docs private
HCE is deployed in government healthcare institutions. Publishing specific framework versions, database schemas, endpoint counts, permission structures, integration protocols, and deployment topologies would:
- Expand attack surface — attackers could target known vulnerabilities in specific stack versions
- Expose credentials in examples — even well-intended documentation tends to leak real data (IP addresses, tenant IDs, example keys)
- Disclose operational specifics — internal network topologies, rack positions, and subnet layouts shouldn't be on the open web
- Leak proprietary logic — the clinical decision support and pipeline orchestration are proprietary IP
The public / licensed split is security by design, not a paywall.
What's in the licensed documentation
The licensed documentation covers, per product:
- Overview — real technology stack with versions, real metrics (controller / endpoint / entity counts)
- Core concepts — tenancy model, permission format, audit philosophy, entity vocabulary
- Architecture — request lifecycle, guard chain, data layer, background jobs, APM
- Workflows — end-to-end state machines with validated transitions
- Modules — per-controller documentation with entity lists and endpoint counts
- Data model — entity graph, domain catalog, full enum vocabulary, indexes
- Security & compliance — RBAC internals, audit specifics, threat model
- Operations — deployment, migrations, environment variables, monitoring, disaster recovery
- Integrations — SISMAUS Control Plane, LIS / Mirth, AI provider routing, government reporting
- Troubleshooting — diagnostic queries, common issues, playbooks
Who gets access
| Audience | Typical access |
|---|---|
| Licensed customers | Under active support agreement, via authenticated portal |
| Partner integrators | Under NDA, scoped to the engagement |
| Security auditors | Under NDA, scoped to the audit window |
| SISMAUS internal engineering | Via internal repository |
How to request access
- Contact your SISMAUS account manager
- Open a support ticket at the customer portal
- Email
partners@sismaus.comif you are a potential integrator
Access is typically provisioned via:
- Private documentation portal with authentication (tied to your support login)
- Private git repository with SSH key or token-based auth
- Encrypted PDF export for specific audit scenarios
What you still get publicly
This public site will always cover, for every product:
- Capabilities — what the product can do
- User journeys — how end users interact with the product
- Integration points at a high level — what systems connect to what
- Compliance posture — what frameworks and standards we align with
- Getting in touch — how to request a demo or raise a support issue
If there is something you expected to find publicly that you can't locate, contact support — we are happy to confirm whether it belongs in the public or licensed tier.