Compliance requirements se liší podle odvětví. Zde jsou praktické best practices.
Obecné best practices
1. Data Classification
from enum import Enum
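class DataClassification(Enum):
    """Sensitivity label attached to data before it may be sent to a model."""

    PUBLIC = "public"              # Can send to any tier
    INTERNAL = "internal"          # Team/Enterprise tier
    CONFIDENTIAL = "confidential"  # Enterprise only
    RESTRICTED = "restricted"      # Never send to cloud


# Subscription tiers allowed to receive each classification. A classification
# missing from this table is denied, never allowed.
_ALLOWED_TIERS = {
    DataClassification.PUBLIC: frozenset({"free", "pro", "team", "enterprise"}),
    DataClassification.INTERNAL: frozenset({"team", "enterprise"}),
    DataClassification.CONFIDENTIAL: frozenset({"enterprise"}),
    DataClassification.RESTRICTED: frozenset(),  # Never
}


def can_send_to_claude(classification: DataClassification, tier: str) -> bool:
    """Return True if data labelled *classification* may be sent on plan *tier*.

    Args:
        classification: the data's sensitivity label.
        tier: plan name, one of "free", "pro", "team", "enterprise"
            (exact, lowercase match).

    The check fails closed: an unknown classification (e.g. a bare string
    instead of the enum) or an unknown tier yields False rather than raising,
    so a mislabelled record can never be treated as "allowed".
    """
    return tier in _ALLOWED_TIERS.get(classification, frozenset())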
2. Mandatory Disclaimers
def add_ai_disclaimer(output: str, context: str) -> str:
    """Append the disclaimer mandated for *context* to *output*.

    Known contexts are "legal", "medical" and "financial"; any other value
    returns *output* unchanged. The lookup is an exact, case-sensitive match
    on the context string.
    """
    footers = {
        "legal": "\n\n---\n*This is AI-generated content and does not constitute legal advice. Consult a qualified attorney.*",
        "medical": "\n\n---\n*AI-generated information. Not a substitute for professional medical advice.*",
        "financial": "\n\n---\n*This is not financial advice. Consult a licensed financial advisor.*",
    }
    footer = footers.get(context)
    if footer is None:
        return output
    return output + footer
3. Human-in-the-Loop
class ApprovalWorkflow:
    """Requires human approval for certain actions before they are executed."""

    # Actions that must not run without an explicit human decision
    REQUIRES_APPROVAL = [
        "send_email",
        "publish_content",
        "modify_database",
        "deploy_code",
    ]

    async def execute_with_approval(self, action: str, params: dict):
        """Run *action* with *params*, asking a human first when the action is gated.

        Raises ApprovalDeniedError (carrying the reviewer's reason) when the
        approval request comes back rejected; otherwise returns whatever
        ``self.execute`` returns.
        """
        needs_human = action in self.REQUIRES_APPROVAL
        if not needs_human:
            return await self.execute(action, params)
        # Request human approval
        decision = await self.request_approval(action, params)
        if decision.approved:
            return await self.execute(action, params)
        raise ApprovalDeniedError(decision.reason)
Industry-Specific
Healthcare (HIPAA)
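class HIPAACompliantClient:
    """Client for HIPAA-compliant use of Claude.

    Every record passes through ``de_identify`` before it leaves the process,
    and each access is written to the audit log.
    """

    # Field names whose values are treated as PHI and replaced with "[REDACTED]".
    # Matching is case-insensitive and applied at every nesting level.
    # NOTE(review): this is a deny-list keyed on field names — PHI stored under
    # an unlisted key, or embedded in free-text values, is not caught.
    PHI_PATTERNS = [
        'patient_name', 'ssn', 'dob', 'address',
        'phone', 'email', 'mrn', 'insurance_id'
    ]

    def __init__(self):
        # Requires Enterprise plus a signed BAA
        self.client = AnthropicEnterprise(
            baa_signed=True,
            hipaa_mode=True
        )

    def de_identify(self, data: dict) -> dict:
        """Return a copy of *data* with PHI fields redacted.

        Keys are compared case-insensitively against ``PHI_PATTERNS``, so
        ``"SSN"`` is redacted the same as ``"ssn"``. Nested dicts, and dicts
        inside lists or tuples, are redacted recursively; all other values are
        passed through unchanged. *data* itself is never modified.
        """
        phi_keys = {name.lower() for name in self.PHI_PATTERNS}

        def _scrub(value):
            if isinstance(value, dict):
                return {
                    key: "[REDACTED]" if str(key).lower() in phi_keys else _scrub(item)
                    for key, item in value.items()
                }
            if isinstance(value, (list, tuple)):
                return type(value)(_scrub(item) for item in value)
            return value

        return _scrub(data)

    def analyze_patient_data(self, data: dict):
        """De-identify *data*, record the access, then send the request to Claude.

        Only ``safe_data`` (the redacted copy) may be placed in the request;
        the raw ``data`` must never reach ``self.client``.
        """
        # 1. De-identify before anything leaves the process
        safe_data = self.de_identify(data)
        # 2. Audit log — written before the call, so a failed request is still recorded
        self.log_access(data_type="patient_record")
        # 3. Send to Claude. The request body is elided here (`...`); it must be
        #    built from safe_data, never from data.
        return self.client.messages.create(...)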
Financial Services
class FinancialServicesCompliance:
    """Compliance controls for financial services."""

    def __init__(self):
        # Decisions that must stay with a human
        self.prohibited_actions = [
            "trading_recommendation",
            "credit_decision",
            "fraud_accusation"
        ]

    def validate_request(self, intent: str, data: dict):
        """Return True when the request may proceed.

        Raises ComplianceError when *intent* is one of the prohibited actions
        or when *data* appears to contain material non-public information.
        """
        # Prohibited actions first
        blocked = intent in self.prohibited_actions
        if blocked:
            raise ComplianceError(
                f"Action '{intent}' requires human decision"
            )
        # Then market-sensitive information
        if self.contains_mnpi(data):
            raise ComplianceError(
                "Cannot process material non-public information"
            )
        return True

    def contains_mnpi(self, data: dict) -> bool:
        """Return True if *data* looks like it carries material non-public information.

        Keyword heuristic: the string form of *data* is lower-cased and searched
        for the listed indicator substrings, so only these literal markers are
        detected.
        """
        haystack = str(data).lower()
        indicators = (
            'earnings_preview', 'merger_discussion',
            'insider_trading', 'unreleased_financials'
        )
        for indicator in indicators:
            if indicator in haystack:
                return True
        return False
Government/Public Sector
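class GovCloudCompliance:
    """Compliance controls for the government / public sector."""

    def __init__(self):
        # FedRAMP authorized environment
        self.client = Anthropic(
            base_url="https://api.anthropic.gov",  # Hypothetical
            fedramp_mode=True
        )
        # Which levels may be processed in the cloud at all; anything not
        # listed is treated as not allowed by process_document.
        self.classification_levels = {
            "unclassified": True,
            "cui": True,  # Controlled Unclassified Information
            "secret": False,  # Never in cloud
            "top_secret": False
        }

    def check_classification(self, document: str) -> str:
        """Return "secret", "cui" or "unclassified" for *document*.

        Markings are matched as case-insensitive substrings, so a lower-case
        "top secret" is caught as well as "TOP SECRET". "SECRET" is checked
        first so a document carrying both markings resolves to the more
        restrictive level. This stands in for a real classification-marking
        parser.
        """
        markings = document.upper()
        if "SECRET" in markings:
            return "secret"
        if "CUI" in markings:
            return "cui"
        return "unclassified"

    def process_document(self, document: str):
        """Send *document* to the client, refusing levels not allowed in the cloud."""
        level = self.check_classification(document)
        # Unknown levels fall back to False: deny by default.
        if not self.classification_levels.get(level, False):
            raise ClassificationError(
                f"Cannot process {level} documents in cloud"
            )
        return self.client.messages.create(...)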
Compliance Checklist
class ComplianceChecker:
    """Pre-flight compliance check run before a request reaches the model."""

    def check(self, request: dict, context: dict) -> list:
        """Return every issue found, in check order; an empty list means proceed.

        All checks run even after an earlier one fails, so the caller sees the
        full picture. NOTE(review): ``data_classification`` and ``audit_enabled``
        are read straight from the caller-supplied *context* — confirm that
        dict cannot be shaped by the requesting user.
        """
        return list(self._findings(request, context))

    def _findings(self, request: dict, context: dict):
        """Yield issue messages for *request* under *context*, one per failed check."""
        user_id = context.get('user_id')

        # Data classification
        if not context.get('data_classification'):
            yield "Missing data classification"

        # User authorization
        if not self.user_authorized(user_id):
            yield "User not authorized for AI tools"

        # Sensitive data scan
        sensitive = self.scan_for_sensitive(request)
        if sensitive:
            yield f"Contains sensitive data: {sensitive}"

        # Rate limits (cost controls)
        if self.exceeds_budget(user_id):
            yield "User exceeded AI budget"

        # Audit trail
        if not context.get('audit_enabled'):
            yield "Audit logging not enabled"

    def pre_flight(self, request: dict, context: dict):
        """Raise ComplianceError with all issues found, otherwise return True."""
        found = self.check(request, context)
        if found:
            raise ComplianceError(found)
        return True
Compliance není překážka - je to základ důvěryhodnosti.