Integrations Inventory and Attributes - Compliance and Regulatory attributes for the Integrations Inventory

Integrations Inventory and Attributes

Chapter 28. Compliance and Regulatory attributes for the Integrations Inventory

Compliance and Regulatory attributes capture the regulatory obligations that apply to data transmitted through this Integration and the current compliance status.

Attribute Name	Maturity	Description and Notes
Regulatory Obligations [Multi-Value]	Walk	Description — The specific regulatory requirements, laws, or compliance frameworks that apply to the data transmitted through this integration. Benefit(s) — Enables per-integration regulatory scoping. When a regulator asks for all integrations in scope for GDPR Article 28 or HIPAA Security Rule, this attribute produces the answer directly. Source — Manual. Examples — GDPR Article 28; HIPAA Security Rule; PCI-DSS Requirement 4; SOX Section 404; CCPA; DORA Article 6 Notes — Separate multiple obligations with semicolons. Derive from the Data Sensitivities attribute — PII typically triggers GDPR/CCPA; PHI triggers HIPAA; PCI triggers PCI-DSS.
Compliance Status	Walk	Description — The current compliance status of this integration with respect to its applicable regulatory obligations and enterprise standards. Benefit(s) — Enables a compliance dashboard at the integration level — surfacing which integrations have open compliance gaps requiring remediation. Source — Manual. Examples — Compliant, Partially Compliant, Non-Compliant, Under Assessment Notes — Valid values: Compliant, Partially Compliant, Non-Compliant, Under Assessment.

Attribute Name

Maturity

Description and Notes

Regulatory Obligations

[Multi-Value]

Walk

Description — The specific regulatory requirements, laws, or compliance frameworks that apply to the data transmitted through this integration.

Benefit(s) — Enables per-integration regulatory scoping. When a regulator asks for all integrations in scope for GDPR Article 28 or HIPAA Security Rule, this attribute produces the answer directly.

Source — Manual.

Examples — GDPR Article 28; HIPAA Security Rule; PCI-DSS Requirement 4; SOX Section 404; CCPA; DORA Article 6

Notes — Separate multiple obligations with semicolons. Derive from the Data Sensitivities attribute — PII typically triggers GDPR/CCPA; PHI triggers HIPAA; PCI triggers PCI-DSS.

Compliance Status

Walk

Description — The current compliance status of this integration with respect to its applicable regulatory obligations and enterprise standards.

Benefit(s) — Enables a compliance dashboard at the integration level — surfacing which integrations have open compliance gaps requiring remediation.

Source — Manual.

Examples — Compliant, Partially Compliant, Non-Compliant, Under Assessment

Notes — Valid values: Compliant, Partially Compliant, Non-Compliant, Under Assessment.

Legal Disclaimers