GDPR Export & Purge APIs
Art. 17 right-to-erasure. Export/purge endpoints. Metadata-only logging — content never stored.
GDPR Art. 35 DPIA
Full Data Protection Impact Assessment. Necessity, proportionality, risk mitigation analysis documented.
SOC 2 Type II Evidence
Control mapping + auditor collection procedures. Pre-built evidence bundles from MinIO. ScreencastRecorder.
Secrets Governance
5 vault connectors (AWS SM, Azure KV, HashiCorp, GCP SM, Env). SQLite inventory. Expiry alerts, rotation.
Multi-tenant Auth (Fail-closed)
Per-tenant API keys. SHA-256 constant-time compare. Startup raises RuntimeError if key unset.
ISO 27001 Annex A control mapping
Map platform controls to ISO 27001 Annex A, providing clear evidence of compliance with international information security standards.
HIPAA technical safeguards attestation (encryption, audit, access control)
Attestation of HIPAA-required technical safeguards: encryption in transit and at rest, comprehensive audit logging, and role-based access control.
NIS2 Directive compliance report
Generate compliance reports meeting NIS2 Directive requirements for critical infrastructure and digital services — risk management, incident response, and supply chain security.
Continuous compliance scoring dashboard — real-time SOC 2 / GDPR / ISO posture
Real-time dashboard that continuously scores compliance posture against SOC 2, GDPR, and ISO 27001, enabling instant visibility into regulatory alignment.
Data retention policy enforcement — tenant-configurable per data_class
Tenant-configurable data retention policies per data_class with automatic enforcement and deletion schedules to meet compliance requirements.
Real-time Compliance Dashboard
Live multi-source compliance scoring (GDPR / SOC 2 / ISO 27001 / HIPAA) with automated gap detection, remediation guidance, WebSocket updates, portal self-service page, and SOVA tools for AI-assisted compliance management.