compliance

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Install skill "compliance" with this command: npx skills add nguyenhuuca/assessment/nguyenhuuca-assessment-compliance

Compliance

Common Frameworks

GDPR (General Data Protection Regulation)

EU data protection regulation.

Key Requirements:

  • Lawful basis for processing
  • Data minimization
  • Right to erasure
  • Data portability
  • Breach notification (72 hours)
  • Privacy by design

HIPAA (Health Insurance Portability and Accountability Act)

US healthcare data protection.

Key Requirements:

  • Access controls
  • Audit controls
  • Integrity controls
  • Transmission security
  • Business Associate Agreements

PCI-DSS (Payment Card Industry Data Security Standard)

Payment card data protection.

Key Requirements:

  • Network segmentation
  • Encryption of cardholder data
  • Access restrictions
  • Regular testing
  • Security policies

SOC 2 (Service Organization Control 2)

Trust service criteria.

Principles:

  • Security
  • Availability
  • Processing Integrity
  • Confidentiality
  • Privacy

Common Controls

Access Control

  • Unique user IDs
  • Strong authentication
  • Role-based access
  • Regular access reviews
  • Termination procedures

Data Protection

  • Encryption at rest
  • Encryption in transit
  • Key management
  • Data classification
  • Retention policies

Audit & Monitoring

  • Audit logging enabled
  • Log retention (1+ year)
  • Regular log review
  • Alerting on anomalies
  • Incident response plan

Documentation

  • Security policies
  • Procedures documented
  • Evidence collection
  • Regular reviews
  • Training records

Compliance Checklist

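| Control             | GDPR | HIPAA | PCI | SOC2 |
|---------------------|------|-------|-----|------|
| Encryption          | Yes  | Yes   | Yes | Yes  |
| Access Control      | Yes  | Yes   | Yes | Yes  |
| Audit Logging       | Yes  | Yes   | Yes | Yes  |
| Breach Notification | Yes  | Yes   | Yes | Yes  |
| Risk Assessment     | Yes  | Yes   | Yes | Yes  |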

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
