| F-01 | PostgreSQL unavailable | All reads/writes fail; lab workflow halted | Health probe db.ping() fails; alert fires | Replica failover; read-only mode displays last cached worklist |
| F-02 | NATS unavailable | Events not published; critical alerts delayed | Outbox lag alert; NATS health check fails | Outbox accumulates; events published on reconnect; max retry |
| F-03 | FHIR gateway unreachable | Result release fails; chart not updated | lab_fhir_publish_total{outcome="error"} spike | Retry via outbox with exponential backoff; alert on lag > 5 min |
| F-04 | Terminology service unavailable | LOINC validation skipped | Timeout from terminology client | Proceed with terminology_validated=false; re-validate on reconnect |
| F-05 | Critical alert event not consumed | Critical value goes unnotified | No matching ack within escalation window | Escalation timer republishes; on-call alert via separate channel |
| F-06 | Duplicate order event | Duplicate accession created | Idempotency key check on accession table | UNIQUE(tenant_id, order_id) constraint; inbox dedup |
| F-07 | Analyzer import parse error | Result not entered; technologist must enter manually | LAB_ANALYZER_PARSE_ERROR alert; raw payload stored | Store raw message; notify lab admin; manual fallback |
| F-08 | Optimistic lock conflict on result | 409 CONFLICT returned to client | HTTP 409 spike | UI retries with fresh version; technologist re-enters |
| F-09 | Result release partial failure (some FHIR publishes fail) | Some observations missing from chart | Partial release error event; outbox items remain unpublished | Per-observation outbox entries retry independently |
| F-10 | Keycloak unavailable | All authenticated requests fail | Health check; 401/503 rate spike | Local JWT cache for 60 s; requests fail gracefully after |