35 lines
1.4 KiB
Markdown
# Privacy & Compliance Spec
Status: approved

Owners: Compliance, Security

## Scope

- GDPR: data subject rights, consent, DSR workflows, data minimization.
- HIPAA: PHI handling, access controls, audit logging, BAAs, breach response.

## Data classes

- Public, PII, PHI — document per-field classification in `data-model.md`.

## Controls

- Encryption in transit (TLS 1.3) and at rest (AES-256). Key mgmt with rotation.
- RBAC/ABAC for sensitive actions; least privilege; admin action audit.
- Logging with redaction; no PHI/PII in logs/traces.
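The "logging with redaction" control above, worked as an added example (this is illustration code, not the spec's or the project's own tooling). It redacts in two layers: a field-level layer that consults a per-field classification and blanks PII/PHI values, and a pattern-level backstop that scrubs identifier-shaped substrings out of free-text messages. The `FIELD_CLASS` map is a constructed stand-in for the classification kept in `data-model.md`; the regexes, the `[REDACTED]` token and the `redacted_line` helper are assumptions made for this example.

```python
"""Log redaction in two layers: added example, not the spec's own code.

Layer 1 (field-level) consults a per-field classification and blanks any value
whose class is PII or PHI before the event is serialized. Layer 2 (pattern-level)
scrubs identifier-shaped substrings out of free-text messages as a backstop.
The FIELD_CLASS map is a constructed stand-in for data-model.md; the patterns
and the placeholder token are assumptions made for this example.
"""
import json
import logging
import re

# Constructed stand-in for the per-field classification kept in data-model.md.
FIELD_CLASS = {
    "user_id": "Public",
    "email": "PII",
    "ssn": "PII",
    "diagnosis": "PHI",
    "mrn": "PHI",
}
SENSITIVE_CLASSES = {"PII", "PHI"}
REDACTED = "[REDACTED]"

# Pattern backstop for values that leaked into a message string.
PATTERNS = [
    re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"),   # email addresses
    re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),       # US SSN shape
    re.compile(r"\b\d{9,}\b"),                  # long digit runs (MRNs, card-like numbers)
]


def redact_text(message: str) -> str:
    """Replace identifier-shaped substrings in a free-text message."""
    for pattern in PATTERNS:
        message = pattern.sub(REDACTED, message)
    return message


def redact_fields(record: dict, classes: dict = FIELD_CLASS) -> dict:
    """Blank PII/PHI values; a field with no classification is blanked too
    (fail closed: an unclassified field has not been shown safe to log)."""
    out = {}
    for key, value in record.items():
        cls = classes.get(key)
        out[key] = REDACTED if cls is None or cls in SENSITIVE_CLASSES else value
    return out


class RedactingFilter(logging.Filter):
    """Apply both layers to every LogRecord before any handler sees it."""

    def filter(self, record: logging.LogRecord) -> bool:
        # Interpolate args first so values passed as %s are scrubbed as well.
        record.msg = redact_text(record.getMessage())
        record.args = ()
        if hasattr(record, "fields"):
            record.fields = redact_fields(record.fields)
        return True


def redacted_line(message: str, args: tuple = (), fields: dict = None) -> str:
    """Build a LogRecord, pass it through the filter, and render what a JSON
    handler would emit. Used here so the behaviour can be checked directly."""
    record = logging.LogRecord("app", logging.INFO, "app.py", 0, message, args, None)
    record.fields = fields or {}
    RedactingFilter().filter(record)
    return json.dumps({"msg": record.getMessage(), "fields": record.fields}, sort_keys=True)


if __name__ == "__main__":
    logger = logging.getLogger("app")
    logger.addFilter(RedactingFilter())
    logging.basicConfig(level=logging.INFO, format="%(message)s")
    # Constructed event: the filter blanks the address in both the message and the fields.
    logger.info("welcome mail sent to %s", "jane.doe@example.com")
    print(redacted_line("chart opened for mrn 123456789",
                        fields={"user_id": 42, "diagnosis": "flu", "email": "jane.doe@example.com"}))
```

The field layer fails closed: a key that is absent from the classification map is blanked rather than passed through, which is what makes the "classification coverage" check under acceptance meaningful. The pattern layer is deliberately a backstop only; it will not catch free-form clinical text, so structured fields with a declared class remain the primary control.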
## DSR & retention

- Defined SLAs and automated workflows for export/delete; retention policies per entity.

## 3rd-party

- Subprocessors inventory; data flow diagrams; DPAs/BAAs tracked.

## Validation

- Privacy & security review is a gate on every proposal that touches user data.

## Data subject request (DSR) workflow

- Intake: authenticated portal and support channel; track request ID and SLA clock.
- Verify: identity verification step appropriate to sensitivity; log access.
- Fulfill: export machine-readable JSON/CSV; delete with reversible soft-delete window when permitted.
- Notify: confirmation to requester; record of processing activities updated.
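The four DSR steps above, carried through as one added example (illustration code, not the spec's own implementation). It models intake, verify, fulfill and notify as a small state machine with an SLA clock, a JSON export, a reversible soft-delete window, and an append to the record of processing activities. The 30-day SLA, the 14-day reversal window, the in-memory `USERS` store, the `ROPA` list and the deterministic `at()` clock are all assumptions made for this example.

```python
"""Data subject request (DSR) workflow: added example, not the spec's own code.

Models the four steps (intake, verify, fulfill, notify) as a state machine over
an in-memory store. The 30-day SLA, the 14-day soft-delete window, the store
layout, the ROPA list and the fixed clock are assumptions made for this example.
"""
import json
import uuid
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Optional

SLA = timedelta(days=30)                  # assumed response deadline
SOFT_DELETE_WINDOW = timedelta(days=14)   # assumed reversal window
T0 = datetime(2024, 1, 1, tzinfo=timezone.utc)   # constructed reference instant

# Constructed user store standing in for the real data model.
USERS = {"u-1": {"user_id": "u-1", "email": "jane@example.com", "diagnosis": "none"}}
TOMBSTONES = {}   # subject_id -> (record, deleted_at); reversible until the window closes
ROPA = []         # record of processing activities, appended on every completed request


def at(days: float) -> datetime:
    """Deterministic clock for the example: T0 plus a number of days."""
    return T0 + timedelta(days=days)


@dataclass
class DsrRequest:
    subject_id: str
    kind: str                     # "export" or "delete"
    received_at: datetime         # intake starts the SLA clock
    request_id: str = field(default_factory=lambda: uuid.uuid4().hex)
    state: str = "intake"
    verified_at: Optional[datetime] = None
    audit: list = field(default_factory=list)   # (when, actor, step, outcome)

    def deadline(self) -> datetime:
        return self.received_at + SLA

    def overdue(self, now: datetime) -> bool:
        return self.state != "notified" and now > self.deadline()


def verify(req: DsrRequest, now: datetime, actor: str, proof_ok: bool) -> bool:
    """Identity check gates every later step; the access itself is logged."""
    if req.state != "intake":
        raise ValueError(f"cannot verify from state {req.state!r}")
    req.audit.append((now, actor, "verify", "ok" if proof_ok else "failed"))
    if proof_ok:
        req.state, req.verified_at = "verified", now
    return proof_ok


def fulfill(req: DsrRequest, now: datetime, actor: str) -> Optional[str]:
    """Export returns machine-readable JSON; delete moves the record to a tombstone."""
    if req.state != "verified":
        raise ValueError(f"cannot fulfill from state {req.state!r}")
    result = None
    if req.kind == "export":
        result = json.dumps(USERS[req.subject_id], sort_keys=True)
    elif req.kind == "delete":
        TOMBSTONES[req.subject_id] = (USERS.pop(req.subject_id), now)
    else:
        raise ValueError(f"unknown request kind {req.kind!r}")
    req.state = "fulfilled"
    req.audit.append((now, actor, "fulfill", req.kind))
    return result


def notify(req: DsrRequest, now: datetime) -> dict:
    """Confirm to the requester and append to the record of processing activities."""
    if req.state != "fulfilled":
        raise ValueError(f"cannot notify from state {req.state!r}")
    req.state = "notified"
    entry = {"request_id": req.request_id, "subject": req.subject_id, "kind": req.kind,
             "completed_at": now.isoformat(), "within_sla": now <= req.deadline()}
    ROPA.append(entry)
    req.audit.append((now, "system", "notify", "sent"))
    return entry


def restore(subject_id: str, now: datetime) -> bool:
    """Undo a delete while the soft-delete window is still open."""
    if subject_id not in TOMBSTONES:
        return False
    record, deleted_at = TOMBSTONES[subject_id]
    if now - deleted_at > SOFT_DELETE_WINDOW:
        return False
    USERS[subject_id] = record
    del TOMBSTONES[subject_id]
    return True


def purge_expired(now: datetime) -> list:
    """Hard-delete tombstones whose reversal window has closed; returns what was purged."""
    expired = [s for s, (_, t) in TOMBSTONES.items() if now - t > SOFT_DELETE_WINDOW]
    for s in expired:
        del TOMBSTONES[s]
    return expired


if __name__ == "__main__":
    req = DsrRequest("u-1", "delete", received_at=at(0))
    verify(req, at(0.1), "support-agent", proof_ok=True)
    fulfill(req, at(1), "support-agent")
    print(notify(req, at(2)))
    print("purged:", purge_expired(at(20)))
```

Every transition checks the current state, so an export or delete cannot run before verification has been recorded, and every step appends to the request's own audit trail. The `within_sla` flag is computed at notification time against the clock started at intake, which is what an SLA report would query.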
## Acceptance and enforcement

- CI policy checks for classification coverage and log redaction.
- Table/field inventory maintained in `data-model.md` with data class and retention policy.
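The two CI policy checks above, as an added example (illustration code, not the project's own CI tooling). It parses a constructed excerpt of `data-model.md`, flags every field with a missing or unknown data class or a missing retention policy, and then scans constructed application source for log calls that name a PII/PHI field. The table layout (`table | field | class | retention`), the `logger.<level>(...)` call shape and the sample inputs are assumptions made for this example.

```python
"""CI policy check for classification coverage and log hygiene.

Added example, not the spec's own tooling. Assumes data-model.md carries a
markdown table with columns table|field|class|retention (an assumed layout) and
that application code logs through `log.<level>(...)` or `logger.<level>(...)`.
"""
import re
import sys

ALLOWED_CLASSES = {"Public", "PII", "PHI"}
SENSITIVE = {"PII", "PHI"}

# Constructed excerpt of data-model.md; two rows are deliberately incomplete.
SAMPLE_DATA_MODEL = "\n".join([
    "# Data model",
    "",
    "| table | field | class | retention |",
    "|---|---|---|---|",
    "| users | user_id | Public | account lifetime |",
    "| users | email | PII | account lifetime + 30d |",
    "| patients | diagnosis | PHI | 6y |",
    "| patients | notes | | 6y |",
    "| users | phone | PII | |",
])

# Constructed application source; lines 2 and 3 log sensitive fields.
SAMPLE_SOURCE = "\n".join([
    'logger.info("user %s updated", user.user_id)',
    'logger.debug("welcome mail sent to %s", user.email)',
    'log.error("chart for %s: %s", patient.mrn, patient.diagnosis)',
])


def parse_inventory(md: str) -> list:
    """Return one dict per data row of the first markdown table in the text."""
    rows, header = [], None
    for line in md.splitlines():
        line = line.strip()
        if not line.startswith("|"):
            continue
        cells = [c.strip() for c in line.strip("|").split("|")]
        if header is None:
            header = [c.lower() for c in cells]
            continue
        if all(set(c) <= set(":-") for c in cells):   # separator row
            continue
        rows.append(dict(zip(header, cells)))
    return rows


def check_inventory(md: str):
    """Return (violations, sensitive_field_names) for the inventory table."""
    violations, sensitive = [], set()
    for row in parse_inventory(md):
        name = f"{row.get('table')}.{row.get('field')}"
        cls = row.get("class", "")
        if cls not in ALLOWED_CLASSES:
            violations.append((name, f"missing or unknown class {cls!r}"))
        elif cls in SENSITIVE:
            sensitive.add(row["field"])
        if not row.get("retention"):
            violations.append((name, "missing retention policy"))
    return violations, sensitive


LOG_CALL = re.compile(r"\blog(?:ger)?\.(?:debug|info|warning|error|critical)\((.*)\)")


def check_log_calls(source: str, sensitive_fields) -> list:
    """Flag (line number, field) for log calls whose arguments name a PII/PHI field.
    Token matching is a heuristic; it catches direct references, not aliases."""
    hits = []
    for lineno, line in enumerate(source.splitlines(), 1):
        match = LOG_CALL.search(line)
        if not match:
            continue
        for name in sorted(sensitive_fields):
            if re.search(rf"\b{re.escape(name)}\b", match.group(1)):
                hits.append((lineno, name))
    return hits


def run_checks(md: str, source: str) -> list:
    """Combine both checks into the list of findings a CI job would print."""
    violations, sensitive = check_inventory(md)
    findings = [f"inventory: {name}: {why}" for name, why in violations]
    findings += [f"log hygiene: line {n} logs PII/PHI field {f!r}"
                 for n, f in check_log_calls(source, sensitive)]
    return findings


if __name__ == "__main__":
    findings = run_checks(SAMPLE_DATA_MODEL, SAMPLE_SOURCE)
    for finding in findings:
        print(finding)
    sys.exit(1 if findings else 0)
```

The inventory check is what gives the log-redaction control its field list: a field that never received a class is reported here rather than silently treated as public. The log scan is a cheap textual gate meant to fail the build early; a stricter version would walk the AST of each module instead of matching lines.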