Compliance

Compliance Export

Nightly scheduled audit export with chain attestation and secure delivery tracking.

What's inside

Audit Export Runs entity — period start/end, row count, file path, checksum, status, error
Export Run History app — internal-only utility showing every run, its status, and the resulting file
NightlyExport scheduled workflow — runs at 02:00 UTC, generates a signed audit export of the prior day, writes the result
3 sample runs: two completed, one failed (with a representative error message)

Compliance Export

Stand up a nightly audit export pipeline that produces signed, checksummed files and records each run for review. Use this as the spine of your evidence collection for SOC 2, HITRUST, HIPAA, or any framework that wants periodic export attestation.

How it works

The NightlyExport workflow runs at 02:00 UTC.
The export step calls HASP’s audit export job, which generates a signed file covering the prior day’s events.
A record is created in the Audit Export Runs entity with the period, row count, file path, checksum, and completed status. Failures are recorded with the error message and failed status.
Anyone with access to the Export Run History app can see the full run log, download files, and verify checksums.

What you can extend

Change the schedule to weekly or hourly by editing the trigger’s cron expression.
Add an off-platform delivery destination (S3, SFTP) as a second action step.
Wire failures into your alerting — emit to PagerDuty or Slack when status is failed.
Extend the entity to track checksum verification results from downstream auditors.

Data handling

This template operates on audit metadata, not patient data. Export files are cryptographically signed by HASP’s audit chain — any tampering breaks the signature and is detected the next time an auditor verifies the export.