Assignment
Data Entity
Description
Encrypted sensitive data dispatch from coordinators to peer mentors, containing personal information (name, address, medical summary) about individuals needing peer mentor support. Tracks delivery status, read confirmation, and consent.
Data Structure
| Name | Type | Description | Constraints |
|---|---|---|---|
id |
uuid |
Primary key | PKrequiredunique |
organization_id |
uuid |
Organization that dispatched this assignment | required |
assigned_to_user_id |
uuid |
Peer mentor receiving the assignment | required |
dispatched_by_user_id |
uuid |
Coordinator who dispatched the assignment | required |
encrypted_payload |
text |
AES-encrypted JSON blob containing sensitive personal data (name, address, medical summary/epikrise). Encrypted with per-assignment key. | required |
encryption_key_id |
uuid |
Reference to the key used to encrypt the payload, stored in key management service | required |
status |
enum |
Current lifecycle status of the assignment | required |
title |
string |
Non-sensitive display title for the assignment inbox (e.g. 'New assignment #42') | required |
priority |
enum |
Urgency level of the assignment | - |
requires_consent |
boolean |
Whether the peer mentor must give progressive digital consent before viewing the payload | required |
consent_given_at |
datetime |
Timestamp when the peer mentor gave consent to view sensitive data | - |
delivered_at |
datetime |
Timestamp when assignment was successfully delivered to device | - |
first_read_at |
datetime |
Timestamp of first confirmed read by the peer mentor | - |
contact_made_at |
datetime |
Timestamp when peer mentor confirmed initial contact with the assigned individual | - |
contact_deadline_at |
datetime |
Deadline by which contact must be established (auto-reminder triggered at 10 days post-dispatch if no contact) | - |
expires_at |
datetime |
Expiry date after which the encrypted payload is inaccessible | - |
dispatched_at |
datetime |
Timestamp when the assignment was created and dispatched | required |
completed_at |
datetime |
Timestamp when the assignment was marked completed | - |
cancelled_at |
datetime |
Timestamp when the assignment was cancelled by a coordinator | - |
cancellation_reason |
text |
Reason provided when cancelling an assignment | - |
geographic_region |
string |
Region/county identifier used for geographic matching and map overlay display | - |
threshold_sequence_number |
integer |
Cumulative assignment count for this peer mentor in the organization, used for threshold tracking (e.g. 3rd triggers office honorarium, 15th triggers higher rate) | - |
notes |
text |
Non-sensitive coordinator notes about the assignment (not encrypted) | - |
created_at |
datetime |
Record creation timestamp | required |
updated_at |
datetime |
Record last-updated timestamp | required |
Database Indexes
idx_assignments_assigned_to_user_id
Columns: assigned_to_user_id
idx_assignments_organization_id
Columns: organization_id
idx_assignments_status
Columns: status
idx_assignments_org_user_status
Columns: organization_id, assigned_to_user_id, status
idx_assignments_dispatched_at
Columns: dispatched_at
idx_assignments_contact_deadline
Columns: contact_deadline_at, status
idx_assignments_geographic_region
Columns: geographic_region
Validation Rules
encrypted_payload_not_empty
error
Validation failed
assigned_to_user_is_peer_mentor
error
Validation failed
organization_scope_match
error
Validation failed
status_transition_validity
error
Validation failed
expiry_after_dispatch
error
Validation failed
contact_deadline_after_dispatch
error
Validation failed
encryption_key_id_valid
error
Validation failed
title_length
error
Validation failed
Business Rules
consent_required_before_payload_access
When requires_consent is true, the peer mentor must complete the progressive digital consent flow before the encrypted payload is decrypted and displayed. The payload key must not be transmitted until consent_given_at is set.
contact_deadline_reminder
If contact_made_at is still null 10 days after dispatched_at and status is not cancelled/completed/expired, an automatic reminder notification is triggered to the assigned peer mentor and dispatcher coordinator.
threshold_sequence_increment
On each new assignment creation for a peer mentor within an organization, threshold_sequence_number is incremented from the last value. When sequence reaches 3 or 15 (Blindeforbundet-specific), a threshold event is recorded to trigger honorarium calculation.
only_active_peer_mentors_receive_assignments
Assignments may only be dispatched to peer mentors with an active (non-paused, non-deactivated) status. Paused or certification-expired peer mentors must be excluded from the assignment target selector.
encryption_mandatory
The encrypted_payload field must always contain an AES-encrypted value. Storing plain-text personal data is prohibited. The assignment-encryption-service must be invoked before any write.
cancelled_assignment_payload_destruction
When an assignment is cancelled, the encryption key reference is invalidated in the key management service, making the payload permanently inaccessible even if the ciphertext remains in the database.
audit_all_state_transitions
Every status change on an assignment must be written to the audit log with actor user ID, timestamp, and from/to status.
geographic_map_visibility
Only assignments with geographic_region set and status not in (cancelled, completed) are eligible for display on the AssignmentMapOverlayWidget. The geographic matching service filters by this criteria.