Built for state procurement

Multi-tenant data isolation

Every entity in VCPMS carries a tenant identifier with automatic filter enforcement at the query level. Unique constraints include the tenant partition. One state program's data is physically isolated from another - a query for Oklahoma data cannot return Maine records, by design.

Authentication

• Multi-factor authentication (MFA): Required / configurable per tenant. Google Authenticator (TOTP).
• QR login: SignalR-backed passwordless access for mobile companion-app users.
• SSO: JWT Bearer + OpenIddict; SAML or OIDC to state identity providers.

Authorization

Two orthogonal axes: user category (VboUser, VcaUser, SpaUser, AdvUser, LeaUser) enforced at the application-service level; hierarchical permissions (Pages.VcClaims, Pages.VcClaims.Edit, etc.) enforced per-action.

Audit logging

• Entity-level activity log (DomainEntityActivity) - timestamp, actor, field-level before/after values on every change.
• Field-level data-change versioning - victim/claimant/contact/crime data each independently versioned per section.
• Individual-section update tracking - reason required on changes to victim, claimant, or crime sections after submission.
• Workflow trigger audit log - automated system actions (notifications, state changes, document generation) logged separately from human activity.

Compliance posture

• HIPAA-aligned, BAA-capable. Victim records routinely include protected health information; VCPMS is designed to handle PHI with appropriate controls. We sign BAAs.
• CJIS-aligned architecture. Designed to meet CJIS controls; formal attestation in progress.
• SOC 2 Type II in progress. Independent audit underway; not yet issued.
• Accessibility: WCAG 2.1 AA targets; formal Section 508 audit planned.