{
  "security": {
    "kms_encryption": true,
    "iam_least_privilege": false,
    "security_group_restrictions": true,
    "mfa_enabled": true,
    "ssl_tls_enforced": true,
    "password_policy_compliant": true,
    "firewall_configured": true
  },
  "privacy": {
    "hipaa_compliant": true,
    "gdpr_ready": true,
    "phi_detection_enabled": true,
    "data_anonymization": true,
    "consent_management": true,
    "right_to_erasure": true
  },
  "infrastructure": {
    "logging_enabled": true,
    "monitoring_active": true,
    "backup_configured": true,
    "disaster_recovery_plan": false,
    "patch_management": true,
    "vulnerability_scanning": true
  },
  "operational": {
    "incident_response_plan": true,
    "security_training_current": false,
    "access_reviews_completed": true,
    "change_management_process": true,
    "documentation_up_to_date": true
  },
  "audit": {
    "last_audit_date": "2024-10-15",
    "next_audit_due": "2025-01-15",
    "findings_resolved": 12,
    "findings_pending": 3,
    "compliance_score": 85.7
  }
}