Skip to main content

Compliance Review Checklist

Reviewed on: 2026-01-21 Status: Draft (requires legal/compliance review)

This checklist highlights common compliance targets for Primus deployments in the US and India. It does not constitute legal advice.

United States

HIPAA (if PHI is processed)
PCI-DSS (if card data is processed)
SOC 2 (security, availability, confidentiality)
State privacy laws (e.g., CCPA/CPRA)

India

DPDP Act compliance
RBI guidelines (banking)
IRDAI guidelines (insurance)
PCI-DSS (if card data is processed)

Required Evidence

Data classification and inventory
Data retention and deletion policies
Access control and audit logs
Incident response and breach notification process

Review Log

2026-01-21: Checklist documented. Formal review pending.

United States
India
Required Evidence
Review Log