use crate::compliance::{ComplianceCheckResult, ComplianceStandard};
pub struct HipaaCompliance {
encryption_enabled: bool,
access_controls_enabled: bool,
audit_controls_enabled: bool,
#[allow(dead_code)]
integrity_controls_enabled: bool,
#[allow(dead_code)]
transmission_security_enabled: bool,
}
impl HipaaCompliance {
pub fn new() -> Self {
Self {
encryption_enabled: false,
access_controls_enabled: false,
audit_controls_enabled: false,
integrity_controls_enabled: false,
transmission_security_enabled: false,
}
}
pub fn check(&self) -> ComplianceCheckResult {
let mut issues = Vec::new();
let mut recommendations = Vec::new();
if !self.encryption_enabled {
issues.push("PHI encryption not enabled".to_string());
recommendations.push("Enable encryption for all PHI".to_string());
}
if !self.access_controls_enabled {
issues.push("Access controls not properly configured".to_string());
recommendations.push("Implement role-based access controls".to_string());
}
if !self.audit_controls_enabled {
issues.push("Audit controls not enabled".to_string());
recommendations.push("Enable comprehensive audit logging".to_string());
}
ComplianceCheckResult {
standard: ComplianceStandard::HIPAA,
compliant: issues.is_empty(),
issues,
recommendations,
}
}
}
impl Default for HipaaCompliance {
fn default() -> Self {
Self::new()
}
}