Stage the recommended fix.
ValidantLab can draft a safer change, but fixes require approval before generated evidence appears in the readiness packet.
Any visitor can read every file in the patient-documents bucket. The storage policy allows unauthenticated reads across all objects, so uploaded patient documents are publicly accessible.
Only signed-in users can read documents, and each user is limited to the folder that matches their own verified patient ID claim. Files outside a user's patient scope are no longer returned.
Risk delta
Human review gate: Confirm the patient_id claim semantics, migration safety, rollback plan, and the storage subprocessor DPA before relying on generated artifacts.
Human review gate
The demo patch can create evidence support only after an explicit approval event. Final readiness decisions still require human review.