compliance

Original🇺🇸 English
Translated

Ensure regulatory compliance. Use when implementing GDPR, HIPAA, PCI-DSS, or SOC2 requirements. Covers compliance frameworks and controls.

5installs
Sourcedralgorhythm/claude-agentic-framework
Added on

NPX Install

npx skill4agent add dralgorhythm/claude-agentic-framework compliance

Tags

Translated version includes tags in frontmatter
compliance-frameworksgdpr-implementationhipaa-compliancepci-dss-controlssoc2-requirements

SKILL.md Content

View Translation Comparison →

Compliance

Common Frameworks

GDPR (General Data Protection Regulation)

EU data protection regulation.
Key Requirements:
  • Lawful basis for processing
  • Data minimization
  • Right to erasure
  • Data portability
  • Breach notification (72 hours)
  • Privacy by design

HIPAA (Health Insurance Portability and Accountability Act)

US healthcare data protection.
Key Requirements:
  • Access controls
  • Audit controls
  • Integrity controls
  • Transmission security
  • Business Associate Agreements

PCI-DSS (Payment Card Industry Data Security Standard)

Payment card data protection.
Key Requirements:
  • Network segmentation
  • Encryption of cardholder data
  • Access restrictions
  • Regular testing
  • Security policies

SOC 2 (Service Organization Control 2)

Trust service criteria.
Principles:
  • Security
  • Availability
  • Processing Integrity
  • Confidentiality
  • Privacy

Common Controls

Access Control

markdown
- [ ] Unique user IDs
- [ ] Strong authentication
- [ ] Role-based access
- [ ] Regular access reviews
- [ ] Termination procedures

Data Protection

markdown
- [ ] Encryption at rest
- [ ] Encryption in transit
- [ ] Key management
- [ ] Data classification
- [ ] Retention policies

Audit & Monitoring

markdown
- [ ] Audit logging enabled
- [ ] Log retention (1+ year)
- [ ] Regular log review
- [ ] Alerting on anomalies
- [ ] Incident response plan

Documentation

markdown
- [ ] Security policies
- [ ] Procedures documented
- [ ] Evidence collection
- [ ] Regular reviews
- [ ] Training records

Compliance Checklist

ControlGDPRHIPAAPCISOC2
EncryptionYesYesYesYes
Access ControlYesYesYesYes
Audit LoggingYesYesYesYes
Breach NotificationYesYesYesYes
Risk AssessmentYesYesYesYes