Storage

{
  "overview": "\n# Overview\n\nThe **Vivified Storage Service** is a core component of the Vivified platform, providing robust, HIPAA-compliant storage capabilities for sensitive data, including PHI (Protected Health Information) and PII (Personally Identifiable Information). This service ensures data security through encryption, comprehensive audit logging, and strict retention policies.\n\n## Key Features\n- **Automatic Encryption**: All sensitive data is encrypted using advanced cryptographic techniques.\n- **Data Classification**: Supports classification levels such as PUBLIC, INTERNAL, CONFIDENTIAL, PHI, and PII.\n- **Audit Logging**: Detailed logging of all access and modifications to data.\n- **HIPAA-compliant Retention Policies**: Supports standard retention periods to meet HIPAA requirements.\n- **Multiple Storage Providers**: Integrates with Filesystem, S3, and potentially Azure.\n\n!!! note\n    This service is designed to be fully compliant with HIPAA regulations, ensuring secure handling of sensitive healthcare data.\n\n## Architecture\n\n```mermaid\ngraph TD;\n    A[Client Application] -->|API Request| B[Storage Service];\n    B -->|Encrypts Data| C[Storage Provider];\n    C --> D{Filesystem};\n    C --> E{S3};\n    C --> F{Azure};\n    B -->|Audit Log| G[Audit Service];\n    B -->|Policy Check| H[Policy Engine];\n```\n\n!!! tip\n    Use the appropriate StorageProvider for your infrastructure needs, such as S3 for cloud storage or Filesystem for on-premise solutions.\n",
  "api": "\n# API Reference\n\n## StorageService Class\n\n### Methods\n\n#### `store_object(storage_object: StorageObject) -> StorageMetadata`\nStores an object and returns the updated metadata.\n\n#### `retrieve_object(object_key: str) -> Optional[StorageObject]`\nRetrieves an object by its key.\n\n#### `delete_object(object_key: str) -> bool`\nDeletes an object by its key.\n\n#### `list_objects(query: StorageQuery) -> List[StorageMetadata]`\nLists objects matching the query.\n\n!!! warning\n    Ensure that all API requests are authenticated and authorized to maintain data integrity and security.\n",
  "config": "\n# Configuration Guide\n\n## Storage Configuration Options\n\n| Option              | Description                                                   | Default       |\n|---------------------|---------------------------------------------------------------|---------------|\n| `storage_provider`  | The storage backend to use (e.g., Filesystem, S3, Azure).    | `filesystem`  |\n| `encryption_key`    | Master key for encryption of sensitive data.                  |               |\n| `retention_policy`  | Data retention policy (e.g., SHORT_TERM, HIPAA_STANDARD).     | `HIPAA_STANDARD` |\n\n!!! note\n    Ensure that the encryption key is kept secure and not exposed in code or logs.\n",
  "examples": "\n# Usage Examples\n\n## Store an Object\n\n=== \"Python\"\n    ```python\n    from vivified.storage import StorageService, StorageObject\n\n    storage_service = StorageService()\n    obj = StorageObject(data=\"Sensitive Data\", classification=\"PHI\")\n    metadata = await storage_service.store_object(obj)\n    print(metadata)\n    ```\n\n=== \"curl\"\n    ```bash\n    curl -X POST \\\n      -H \"Authorization: Bearer <token>\" \\\n      -d '{\"data\": \"Sensitive Data\", \"classification\": \"PHI\"}' \\\n      https://api.vivified.com/storage/store\n    ```\n\n## Retrieve an Object\n\n=== \"Python\"\n    ```python\n    metadata = await storage_service.retrieve_object(\"object_key\")\n    print(metadata)\n    ```\n\n=== \"curl\"\n    ```bash\n    curl -X GET \\\n      -H \"Authorization: Bearer <token>\" \\\n      https://api.vivified.com/storage/retrieve?object_key=object_key\n    ```\n",
  "security": "\n# Security Considerations\n\n- **Encryption**: All PHI/PII data is encrypted using AES 128 with HMAC for integrity.\n- **Audit Logging**: Every action is logged with details including user, timestamp, and action type.\n- **Access Control**: Ensure that the Policy Engine is configured to enforce trait-based access control.\n- **Data Integrity**: Use consistent hashing to verify data integrity during storage and retrieval.\n\n!!! warning\n    Never share your encryption keys or tokens. Regularly rotate keys and tokens to enhance security.\n",
  "troubleshooting": "\n# Troubleshooting\n\n## Common Issues\n\n### Encryption Errors\n- **Symptom**: \"Encryption key not found.\"\n- **Solution**: Ensure the `encryption_key` is configured correctly in the service settings.\n\n### Access Denied\n- **Symptom**: \"403 Forbidden\"\n- **Solution**: Verify that the API token is valid and has the necessary permissions.\n\n### Data Retrieval Issues\n- **Symptom**: \"Object not found\"\n- **Solution**: Check if the object key is correct and the object exists in the storage.\n\n!!! tip\n    Enable debug logging to get more detailed error messages that can assist in troubleshooting.\n"
}