Hooks, policy overrides, and versioned extensions that preserve your customizations through updates and patches.
Before HealthSail
Healthcare organizations customize commerce platforms by modifying core code, creating a maintenance burden that grows with every platform update. Security patches and compliance updates cannot be applied without risking custom functionality, so organizations end up running outdated, vulnerable platform versions.
With HealthSail
HealthSail's extension framework stores all customizations separately from core code, so they are preserved automatically through platform updates. Security patches and compliance updates apply cleanly, and an automated compatibility check flags any extension conflicts before deployment.
HealthSail exposes before and after hooks at every significant workflow step, data access point, and integration boundary, allowing organizations to inject custom logic without modifying the platform's core processing pipeline. A before hook executes immediately prior to the platform action and can inspect, modify, or conditionally block the pending operation. An after hook executes immediately following the platform action and can inspect the result, trigger additional actions, or modify the response before it reaches the caller. Hooks are defined as standalone functions that receive the operation context — including the user identity, role, transaction data, and the specific workflow step — and return either a continuation signal, a modified context, or a rejection with a reason code. For example, a before hook on the order submission step could validate that the order meets organization-specific formulary restrictions that go beyond the platform's default validation. An after hook on payment processing could trigger a custom notification to the prescribing provider when a high-cost medication order is completed. Hooks are registered through declarative configuration that specifies which workflow steps they attach to, their execution priority relative to other hooks, and their failure behavior. If a hook fails, the platform can be configured to block the operation, log the failure and continue, or fall back to a default behavior, depending on the hook's criticality classification.
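The hook contract described above (priority ordering, the three return signals, and per-hook failure behavior) can be sketched as a small dispatcher. This is an added example, not HealthSail's code or API: every name in it (`Context`, `Reject`, `Hook`, `run_before_hooks`, the `on_failure` values, the sample formulary) is hypothetical, and the sample data is constructed.

```python
import logging
from dataclasses import dataclass
from typing import Callable, Optional

log = logging.getLogger("hook-dispatch")

@dataclass(frozen=True)
class Context:          # operation context handed to each hook
    user: str
    role: str
    step: str
    data: dict

@dataclass(frozen=True)
class Reject:           # rejection with a reason code
    reason_code: str

@dataclass
class Hook:
    name: str
    step: str
    priority: int                        # lower value runs first
    fn: Callable[[Context], object]      # None = continue, Context = modified, Reject = block
    on_failure: str = "block"            # "block" | "continue" | "fallback" (assumed names)
    fallback: Optional[Callable[[Context], object]] = None

def run_before_hooks(hooks, ctx):
    """Return (context, None) to proceed or (context, Reject) to stop."""
    chain = sorted((h for h in hooks if h.step == ctx.step), key=lambda h: h.priority)
    for h in chain:
        try:
            out = h.fn(ctx)
        except Exception:
            log.exception("hook %s failed", h.name)
            if h.on_failure == "continue":
                continue
            if h.on_failure == "fallback" and h.fallback is not None:
                out = h.fallback(ctx)
            else:                        # "block" or unknown setting: fail closed
                return ctx, Reject("HOOK_FAILURE:" + h.name)
        if isinstance(out, Reject):
            return ctx, out
        if isinstance(out, Context):
            ctx = out
        elif out is not None:            # unexpected return type: fail closed
            return ctx, Reject("HOOK_BAD_RESULT:" + h.name)
    return ctx, None

# Constructed sample hook: organization-specific formulary restriction.
FORMULARY = {"metformin", "lisinopril"}
def formulary_check(ctx):
    bad = sorted(set(ctx.data["items"]) - FORMULARY)
    return Reject("NOT_ON_FORMULARY:" + ",".join(bad)) if bad else None
```

The security-relevant default is that a hook with no explicit failure setting blocks the operation, so a crashing validation hook cannot silently turn into an approval.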
Policy overrides allow organizations to modify platform behavior through declarative rules rather than code changes, making customization accessible to compliance officers and business analysts who do not write software. A policy override is a rule expressed in HealthSail's policy language that evaluates conditions and specifies actions, such as routing orders differently based on product category, applying different consent requirements based on patient jurisdiction, or modifying data visibility rules for specific organizational units. Policy overrides are evaluated at runtime and take precedence over the platform's default policies for the scope in which they are defined. The override system supports scoping at the organizational level, the location level, the transaction type level, and the user role level, allowing organizations to define overrides that apply broadly or narrowly as needed. Overrides include a compliance validation step that checks the override against the platform's compliance baseline — an override that would expose PHI to an unauthorized role or bypass consent verification, for example, is rejected with an explanation of the compliance concern. Policy overrides are version-controlled with full change history, author attribution, and approval workflow support. Organizations can require that policy changes go through an approval process before activation, with configurable approver roles and multi-approver requirements for high-impact changes.
For customizations that go beyond hooks and policy overrides, HealthSail supports versioned extension modules that can add entirely new capabilities to the platform. An extension module is a self-contained package that registers its own API endpoints, workflow steps, data models, and UI components through the platform's extension registry. Extension modules follow the same interface contract patterns as the platform's composable architecture modules, ensuring that they integrate cleanly with existing workflows, comply with platform security and compliance requirements, and coexist with other extensions without conflicts. Each extension module declares its platform version compatibility range, and the platform validates this compatibility during installation and during platform upgrades. If a platform upgrade would move outside an extension's declared compatibility range, the upgrade process flags the incompatibility and provides the extension's update instructions. Extension modules can be developed internally by the organization's engineering team or sourced from HealthSail's extension marketplace, where third-party developers publish extensions that have passed the platform's security and compliance review process. All extension modules are sandboxed at runtime, preventing them from accessing platform internals outside of their declared interface contracts and ensuring that a faulty extension cannot compromise platform stability or compliance.
HealthSail's extension framework includes guardrails that ensure custom code cannot inadvertently compromise the platform's compliance posture. Every extension — whether a hook, policy override, or extension module — is validated against the platform's compliance baseline during activation. The compliance baseline defines invariant rules that no extension can override: PHI must always be encrypted at rest and in transit, access decisions must always be logged, consent must always be verified before PHI is served, and role-based access controls must always be enforced. Extensions that attempt to bypass these invariants are rejected during validation with detailed explanations of the compliance rules they violate. The validation system also checks for indirect compliance impacts, such as a hook that modifies transaction data in a way that would cause downstream audit log entries to record inaccurate information, or a policy override that creates a data access path not covered by the organization's BAA with a specific vendor. For organizations that need to verify their extensions against compliance requirements beyond the platform's baseline — such as state-specific regulations or internal policies — the validation framework supports custom compliance rules that can be added to the baseline. All validation results are logged and available for compliance review, creating documentation that demonstrates the organization's extension governance process.
The extension framework uses a layered execution model where core platform logic executes within an inner layer, and extensions execute in an outer layer that can inspect and modify the inputs and outputs of the inner layer without modifying its implementation. This separation is enforced at the runtime level, not just by convention, using a sandboxing mechanism that restricts extension code to the APIs exposed by the extension framework. Extension configurations are stored in a dedicated data store separate from core platform configuration, and the platform's upgrade mechanism operates on core configuration without touching the extension store. The compatibility validation system compares extension interface dependencies against the updated platform's interface specifications and reports mismatches before the upgrade is applied.
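A pre-upgrade check of the kind described here and in the extension-module section (declared platform compatibility range plus interface dependencies compared against the target release) could look like the following. It is an added example, not HealthSail's implementation: the manifest fields (`platform_range`, `requires`), the finding codes, the same-major-version rule, and all sample data are assumptions made for illustration.

```python
def parse_version(text):
    """'3.2' -> (3, 2, 0); pads to three numeric parts."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def preflight(target_version, target_interfaces, extensions):
    """Return sorted findings (extension, code, detail); empty means no conflicts."""
    target = parse_version(target_version)
    findings = []
    for ext in extensions:
        low_s, high_s = ext["platform_range"]
        # Declared range is treated as half-open: [low, high)
        if not (parse_version(low_s) <= target < parse_version(high_s)):
            findings.append((ext["name"], "OUT_OF_RANGE",
                             f"{target_version} not in [{low_s}, {high_s})"))
        for iface, needed in ext["requires"].items():
            offered = target_interfaces.get(iface)
            if offered is None:
                findings.append((ext["name"], "INTERFACE_REMOVED", iface))
                continue
            need, have = parse_version(needed), parse_version(offered)
            # Assumed contract rule: same major version, and offered >= needed.
            if have[0] != need[0] or have < need:
                findings.append((ext["name"], "INTERFACE_MISMATCH",
                                 f"{iface}: needs {needed}, target offers {offered}"))
    return sorted(findings)

# Constructed sample data: interfaces exposed by the target platform release
# and two extension manifests.
TARGET_INTERFACES = {"orders.submit": "2.1", "payments.capture": "3.0"}
EXTENSIONS = [
    {"name": "formulary-check", "platform_range": ("4.0", "5.0"),
     "requires": {"orders.submit": "2.0"}},
    {"name": "provider-notify", "platform_range": ("4.0", "4.5"),
     "requires": {"payments.capture": "2.4", "audit.write": "1.0"}},
]

def upgrade_allowed(target_version):
    """Gate the upgrade: proceed only when the preflight reports nothing."""
    return not preflight(target_version, TARGET_INTERFACES, EXTENSIONS)
```

Running the check before the upgrade, and refusing to proceed on any finding, is what lets a security patch be applied without discovering a broken extension in production.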
The AI Copilot assists with customization by analyzing an organization's business requirements and recommending whether each requirement is best addressed through a hook, policy override, or extension module. When writing custom hooks or extensions, the copilot can generate scaffold code that follows the extension framework's patterns and includes the required compliance validation hooks. It reviews custom code for potential compliance issues, suggests improvements, and identifies opportunities to simplify customizations by leveraging platform features that the organization may not be aware of. The copilot can also assess the upgrade impact of pending platform updates on active extensions and recommend update strategies.
AI Copilot — Available on Growth & Enterprise Plans
AI Copilot reduces implementation time for upgrade-safe customization by automatically generating field mappings, test datasets, and validation scripts based on your compliance schema — so your team can ship faster without writing repetitive configuration code.
| Area | Before | After HealthSail |
|---|---|---|
| Customization storage | Custom logic embedded in core code, broken by every platform update | Extensions stored separately from core code, preserved through updates automatically |
| Security patching | Security patches delayed because they conflict with customizations | Patches apply cleanly to core code with automated extension compatibility checks |
| Compliance guardrails | No guardrails preventing customizations from creating compliance gaps | Compliance baseline validation for every extension before activation |
| Business rule changes | Customizations require developer involvement for every business rule change | Policy overrides enable business analysts to modify rules through declarative configuration |