- Birt_proxy.php: decrypt PII sebelum call BIRT, cache 5 menit
- 5 SP (hasil_header, _2, _eng, fo_001, card_patient): tambah LEFT JOIN
ke patient_print_cache dengan COALESCE fallback ke masked data
- SP signature tidak berubah, .rptdesign tidak perlu diupdate
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Nama ditangani remask_patient_name.php (decrypt dari _enc).
Script ini handle HP/email/alamat/NIK/POB dengan cursor-based
agar tidak infinite loop pada nama pendek satu kata.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Data pasien tidak perlu masuk log — identitas sudah terenkripsi di m_patient
dan bisa di-trace via T_OrderHeaderID → M_PatientID.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
t_orderdetail, t_orderheader, so_resultentry*, member_eligible tidak dienkripsi.
Perlindungan via enkripsi identitas pasien (m_patient) + access control.
Hanya t_orderdelivery (email/HP delivery) yang tetap dienkripsi.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Tambah: step truncate log_patient, format masking terbaru,
troubleshooting disk full + MySQL crash, controller sprint berikutnya.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
JSON tidak mengandung PII langsung (nama/NIK/DOB/alamat).
Enkripsi akan memberatkan global MCU report.
Data source (t_orderdetail) sudah dienkripsi.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Dokumentasi lengkap urutan eksekusi, field yang dienkripsi,
format masking, disk space requirement, dan restore procedure.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
"FAJRI HARDHITA" → "FAJRI H*******" lebih readable untuk operasional.
Script remask_patient_name.php untuk re-apply ke data yang sudah dimasking.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Kolom lama (M_PatientName, HP, Email, dll) kini menyimpan nilai masked.
Data asli tetap aman di _enc. Konsisten dengan bulk masking script.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Semua 300+ controller otomatis tampilkan data termasking tanpa perlu
diupdate satu-satu. Data asli tetap aman di kolom _enc.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Ganti field PII plaintext (Name, HP, Email, DOB, NIK, IDNumber, dll)
dengan field _enc di JSON log_patient. Trigger m_patient_bu tetap
UPPER-kan M_PatientName untuk backward compat.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Tambah .env loader di index.php untuk IBL_ENCRYPT_KEY dan IBL_ENCRYPT_SEARCH_KEY
- Library Ibl_encryptor: AES-256-GCM encrypt/decrypt + trigram blind index untuk partial search
- SQL migration: tambah kolom _enc dan _bidx di 16 tabel (m_patient, m_patientaddress, hasil lab, log)
- Script backup_pdp_tables.sh: backup tabel terdampak sebelum migrasi
- Script migrate_encrypt_patient.php: enkripsi batch 178K data PII pasien
- Script migrate_encrypt_results.php: enkripsi data medis hasil lab dan log
- Patient.php: search via trigram blind index, add_new/edit enkripsi sebelum save
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
JOIN m_company langsung dari Mcu_PreregisterPatientsCompanyNumber diganti
LEFT JOIN mgm_mcu → m_company, karena CompanyNumber bisa kosong tapi
Mgm_McuM_CompanyID selalu terisi.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Previously search_v2 ignored all filters from the request.
Now status=''/any, name, nolab, company are applied dynamically.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
When save_delivery_additional_other receives chex=N for an EMAIL
delivery, also set t_send_email.T_SendEmailIsActive='N' for rows
with status D/E/C — previously only t_orderdelivery was deactivated.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Script picks S, locks to P, sets R on success.
On failure: back to S for retry; after max retry (3) sets E and logs to one_lab_log.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Prevents UI re-trigger while email is in flight. Status flow:
S (scheduled) → P (processing) → D (delivered) / S (failed, retryable)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Done.php send_email_v2: query qr_printout to build structured reports
array [{"id","url","result"}] using QR_PrintOutGroup_ResultName instead
of relying on client-supplied reports param.
send_email.php: parse both old (URL string) and new (object) formats;
use result field as PDF attachment filename.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Skip attachment if downloaded content is not a valid PDF (HTML error response)
- Add Nat_SubSubGroupSequence to nat_subsubgroup table (missing column
referenced by sp_rpt_hasil_lab in SELECT and ORDER BY)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
