Knogin
[Developers]

Officer Wellness Domain

Officers who respond repeatedly to traumatic incidents carry a cumulative burden that standard performance data does not capture. The Officer Wellness domain gives individual officers a private space to log their state a

Back to All Modules
Category: Api DomainsLast Updated: Feb 5, 2026
api-domains

Overview#

Officers who respond repeatedly to traumatic incidents carry a cumulative burden that standard performance data does not capture. The Officer Wellness domain gives individual officers a private space to log their state and access support, while giving leadership anonymised department-wide summaries that reveal trends without exposing personal data. Participation is voluntary, disclosure is graduated, and wellness records stay completely separate from disciplinary systems.

Key Features#

  • Opt-in privacy model with graduated disclosure levels: self only, peer support, supervisor, command, and full
  • Wellness check-in tracking with alert level assessment: green, yellow, orange, and red
  • Traumatic incident exposure recording and cumulative tracking
  • Self-referral creation for wellness resources and support services
  • Anonymised department-wide wellness summaries for leadership visibility
  • Non-punitive design ensuring wellness data is separate from disciplinary systems
  • Audit logging for all data access to protect officer privacy

Use Cases#

Relevant sectors include law enforcement, first responder organisations, and defence.

  • Enabling officers to voluntarily track their wellness and access support resources
  • Recording traumatic incident exposure for proactive wellness intervention
  • Generating anonymised department wellness summaries for leadership awareness
  • Providing confidential self-referral pathways to counselling and peer support

Integration#

The Officer Wellness domain integrates with User for officer profiles, Incident for traumatic incident tracking, Notification for wellness alerts, and Report for anonymised wellness reporting.

Open Standards#

  • HIPAA (Health Insurance Portability and Accountability Act): The domain explicitly implements HIPAA-aligned privacy controls, including opt-in-only data collection, separation of wellness records from personnel files, minimum-necessary access enforcement, and comprehensive audit logging for all data access.
  • OAuth 2.0 (RFC 6749): All wellness endpoints are protected via bearer-token authentication and role-based authorisation scopes; the IsAuthenticated guard and viewer-role checks map directly to OAuth 2.0 resource-server access-control patterns.
  • GraphQL (June 2018 Specification): The entire domain API surface is exposed as a typed GraphQL schema using queries and mutations, with fine-grained field-level permission checks enforced at the schema layer.
  • JSON / JSON:API (ECMA-404, RFC 8259): Structured data payloads, including crew IDs and recommended follow-up arrays, are stored and transmitted as JSON; JSONB columns in PostgreSQL carry the critical-incident event metadata.
  • NEWS2 (National Early Warning Score 2, Royal College of Physicians): The critical-incident service evaluates NEWS2 scores from ePCR encounter records to derive CISM-worthy severity classifications and trigger automated post-incident wellness check-ins.
  • CISM (Critical Incident Stress Management, ICISF): The post-incident support workflow, including defusing, peer-support review, and formal CISM referral pathways, follows the internationally recognised ICISF Critical Incident Stress Management model.
  • RBAC (NIST SP 800-207 / ISO/IEC 29146): Access to individual wellness records is governed by a role hierarchy (self, peer support, supervisor, command) that aligns with the Role-Based Access Control standard, ensuring least-privilege access proportional to the officer's consent level.

Last Reviewed: 2026-02-05 Last Updated: 2026-04-14

Ready to Build?

Get started with our APIs or contact our integration team for support.