Nucain Care
API referenceBack to sign in
Product overview

How Nucain Care works

A bird's-eye view of the platform: the modules that power daily care, the data that holds it together, and the rules engine that enforces safety in real time.

System map

Clients

Web app (PWA) for workers, managers and admins. Role-aware UI.

Edge API

Server functions issue authenticated reads/writes with RLS.

Postgres

Residents, MAR, shifts, incidents, audit. RLS on every table.

  [ Worker / Manager / Admin ]
            │  HTTPS · JWT
            ▼
   ┌────────────────────┐    server time
   │  Edge Server Funcs │ ─────────────────┐
   │  + Rule Engine     │                  │
   └─────────┬──────────┘                  ▼
             │                   ┌──────────────────┐
   RLS-scoped│                   │  pg_cron jobs    │
             ▼                   │  · MAR sweeps    │
     ┌───────────────┐           │  · Drill alerts  │
     │  Postgres     │ ◄───────  │  · Renewals      │
     │  (RLS, audit) │           └──────────────────┘
     └───────┬───────┘
             │ change feeds
             ▼
     ┌────────────────┐
     │ Notifications  │ → email / SMS / push
     └────────────────┘
Core modules
Medication (MAR)
Residents & Key Workers
Shifts & Rota
Incidents & Safeguarding
Compliance (CQC)
Audit & Reporting

Data model

Simplified entity overview. Every table is RLS-protected and audit-logged.

residents
  • · id
  • · name
  • · dob
  • · home_id
  • · key_worker_id
  • · risk_level
medications
  • · id
  • · resident_id
  • · name
  • · dose
  • · schedule_cron
  • · prn
mar_entries
  • · id
  • · med_id
  • · due_at
  • · given_at
  • · given_by
  • · status
shifts
  • · id
  • · staff_id
  • · home_id
  • · start_at
  • · end_at
  • · status
incidents
  • · id
  • · resident_id
  • · type
  • · severity
  • · reported_by
  • · status
audit_log
  • · id
  • · actor_id
  • · action
  • · target
  • · occurred_at
Medication rules engine
for each med in medications:
  due = next_cron(med.schedule, server_now())

  if server_now() > due + 30m and not given:
       create_incident(type="missed_med",
                        severity=med.criticality)
       notify(roles=[manager], channel="sms")

  if given_at within window(due ± 15m):
       mar_entry.status = "on_time"
  elif given_at within window(due ± 60m):
       mar_entry.status = "late"
  else:
       mar_entry.status = "missed"

  append_audit(actor, action="MAR.update", target=med.id)
Server-time engine

All time-sensitive logic (MAR windows, shift clocking, time-gated forms) reads from select now() at time zone 'utc' on the database, never the client.

Tamper-proof

Clients cannot pre-fill forms by changing device clock.

Window enforced

Forms unlock only when server window opens, and lock at server close.

Audit aligned

Every action stamped with server timestamp, not device time.

Daily medication round — flow

  1. 1

    Scheduler wakes

    pg_cron sweeps every minute, scoring each MAR slot.

  2. 2

    Worker notified

    Window opens; push & in-app alert sent to assigned worker.

  3. 3

    Dose recorded

    Worker signs in-app; server validates window & double-sign rules.

  4. 4

    Audit & follow-up

    If missed, incident auto-created and manager paged.

Continue to sign in