@gpt-platform/client 0.10.5 → 0.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (155) hide show
  1. package/dist/_internal/client/client.gen.d.ts +3 -0
  2. package/dist/_internal/client/client.gen.d.ts.map +1 -0
  3. package/dist/_internal/client/index.d.ts +9 -0
  4. package/dist/_internal/client/index.d.ts.map +1 -0
  5. package/dist/_internal/client/types.gen.d.ts +118 -0
  6. package/dist/_internal/client/types.gen.d.ts.map +1 -0
  7. package/dist/_internal/client/utils.gen.d.ts +34 -0
  8. package/dist/_internal/client/utils.gen.d.ts.map +1 -0
  9. package/dist/_internal/client.gen.d.ts +13 -0
  10. package/dist/_internal/client.gen.d.ts.map +1 -0
  11. package/dist/_internal/core/auth.gen.d.ts +19 -0
  12. package/dist/_internal/core/auth.gen.d.ts.map +1 -0
  13. package/dist/_internal/core/bodySerializer.gen.d.ts +26 -0
  14. package/dist/_internal/core/bodySerializer.gen.d.ts.map +1 -0
  15. package/dist/_internal/core/params.gen.d.ts +44 -0
  16. package/dist/_internal/core/params.gen.d.ts.map +1 -0
  17. package/dist/_internal/core/pathSerializer.gen.d.ts +34 -0
  18. package/dist/_internal/core/pathSerializer.gen.d.ts.map +1 -0
  19. package/dist/_internal/core/queryKeySerializer.gen.d.ts +19 -0
  20. package/dist/_internal/core/queryKeySerializer.gen.d.ts.map +1 -0
  21. package/dist/_internal/core/serverSentEvents.gen.d.ts +72 -0
  22. package/dist/_internal/core/serverSentEvents.gen.d.ts.map +1 -0
  23. package/dist/_internal/core/types.gen.d.ts +79 -0
  24. package/dist/_internal/core/types.gen.d.ts.map +1 -0
  25. package/dist/_internal/core/utils.gen.d.ts +20 -0
  26. package/dist/_internal/core/utils.gen.d.ts.map +1 -0
  27. package/dist/_internal/index.d.ts +3 -0
  28. package/dist/_internal/index.d.ts.map +1 -0
  29. package/dist/_internal/sdk.gen.d.ts +7053 -0
  30. package/dist/_internal/sdk.gen.d.ts.map +1 -0
  31. package/dist/_internal/types.gen.d.ts +146633 -0
  32. package/dist/_internal/types.gen.d.ts.map +1 -0
  33. package/dist/base-client.d.ts +199 -0
  34. package/dist/base-client.d.ts.map +1 -0
  35. package/dist/errors/index.d.ts +128 -0
  36. package/dist/errors/index.d.ts.map +1 -0
  37. package/dist/events.d.ts +69 -0
  38. package/dist/events.d.ts.map +1 -0
  39. package/dist/execution-events.d.ts +95 -0
  40. package/dist/execution-events.d.ts.map +1 -0
  41. package/dist/gpt-client.d.ts +2175 -0
  42. package/dist/gpt-client.d.ts.map +1 -0
  43. package/dist/index.d.ts +51 -30734
  44. package/dist/index.d.ts.map +1 -0
  45. package/dist/index.js +311 -4
  46. package/dist/index.js.map +1 -1
  47. package/dist/index.mjs +311 -4
  48. package/dist/index.mjs.map +1 -1
  49. package/dist/json-api.d.ts +26 -0
  50. package/dist/json-api.d.ts.map +1 -0
  51. package/dist/logging.d.ts +22 -0
  52. package/dist/logging.d.ts.map +1 -0
  53. package/dist/namespace-types.d.ts +79 -0
  54. package/dist/namespace-types.d.ts.map +1 -0
  55. package/dist/namespaces/access-grants.d.ts +71 -0
  56. package/dist/namespaces/access-grants.d.ts.map +1 -0
  57. package/dist/namespaces/agents.d.ts +1406 -0
  58. package/dist/namespaces/agents.d.ts.map +1 -0
  59. package/dist/namespaces/ai.d.ts +407 -0
  60. package/dist/namespaces/ai.d.ts.map +1 -0
  61. package/dist/namespaces/audit.d.ts +83 -0
  62. package/dist/namespaces/audit.d.ts.map +1 -0
  63. package/dist/namespaces/billing.d.ts +854 -0
  64. package/dist/namespaces/billing.d.ts.map +1 -0
  65. package/dist/namespaces/campaigns.d.ts +973 -0
  66. package/dist/namespaces/campaigns.d.ts.map +1 -0
  67. package/dist/namespaces/catalog.d.ts +964 -0
  68. package/dist/namespaces/catalog.d.ts.map +1 -0
  69. package/dist/namespaces/channels.d.ts +162 -0
  70. package/dist/namespaces/channels.d.ts.map +1 -0
  71. package/dist/namespaces/clinical.d.ts +2443 -0
  72. package/dist/namespaces/clinical.d.ts.map +1 -0
  73. package/dist/namespaces/communication.d.ts +439 -0
  74. package/dist/namespaces/communication.d.ts.map +1 -0
  75. package/dist/namespaces/compliance.d.ts +2310 -0
  76. package/dist/namespaces/compliance.d.ts.map +1 -0
  77. package/dist/namespaces/connectors.d.ts +1368 -0
  78. package/dist/namespaces/connectors.d.ts.map +1 -0
  79. package/dist/namespaces/content.d.ts +188 -0
  80. package/dist/namespaces/content.d.ts.map +1 -0
  81. package/dist/namespaces/crawler.d.ts +408 -0
  82. package/dist/namespaces/crawler.d.ts.map +1 -0
  83. package/dist/namespaces/crm-clusters.d.ts +31 -0
  84. package/dist/namespaces/crm-clusters.d.ts.map +1 -0
  85. package/dist/namespaces/crm.d.ts +1539 -0
  86. package/dist/namespaces/crm.d.ts.map +1 -0
  87. package/dist/namespaces/documents.d.ts +136 -0
  88. package/dist/namespaces/documents.d.ts.map +1 -0
  89. package/dist/namespaces/email.d.ts +550 -0
  90. package/dist/namespaces/email.d.ts.map +1 -0
  91. package/dist/namespaces/extraction.d.ts +1249 -0
  92. package/dist/namespaces/extraction.d.ts.map +1 -0
  93. package/dist/namespaces/identity.d.ts +411 -0
  94. package/dist/namespaces/identity.d.ts.map +1 -0
  95. package/dist/namespaces/imports.d.ts +177 -0
  96. package/dist/namespaces/imports.d.ts.map +1 -0
  97. package/dist/namespaces/index.d.ts +119 -0
  98. package/dist/namespaces/index.d.ts.map +1 -0
  99. package/dist/namespaces/memory.d.ts +105 -0
  100. package/dist/namespaces/memory.d.ts.map +1 -0
  101. package/dist/namespaces/models.d.ts +75 -0
  102. package/dist/namespaces/models.d.ts.map +1 -0
  103. package/dist/namespaces/permissions.d.ts +75 -0
  104. package/dist/namespaces/permissions.d.ts.map +1 -0
  105. package/dist/namespaces/pipeline-executions.d.ts +130 -0
  106. package/dist/namespaces/pipeline-executions.d.ts.map +1 -0
  107. package/dist/namespaces/pipelines.d.ts +120 -0
  108. package/dist/namespaces/pipelines.d.ts.map +1 -0
  109. package/dist/namespaces/platform.d.ts +1430 -0
  110. package/dist/namespaces/platform.d.ts.map +1 -0
  111. package/dist/namespaces/portal.d.ts +198 -0
  112. package/dist/namespaces/portal.d.ts.map +1 -0
  113. package/dist/namespaces/projects.d.ts +553 -0
  114. package/dist/namespaces/projects.d.ts.map +1 -0
  115. package/dist/namespaces/roles.d.ts +65 -0
  116. package/dist/namespaces/roles.d.ts.map +1 -0
  117. package/dist/namespaces/scheduling.d.ts +944 -0
  118. package/dist/namespaces/scheduling.d.ts.map +1 -0
  119. package/dist/namespaces/search.d.ts +224 -0
  120. package/dist/namespaces/search.d.ts.map +1 -0
  121. package/dist/namespaces/session-notes.d.ts +67 -0
  122. package/dist/namespaces/session-notes.d.ts.map +1 -0
  123. package/dist/namespaces/social.d.ts +330 -0
  124. package/dist/namespaces/social.d.ts.map +1 -0
  125. package/dist/namespaces/storage.d.ts +378 -0
  126. package/dist/namespaces/storage.d.ts.map +1 -0
  127. package/dist/namespaces/support.d.ts +427 -0
  128. package/dist/namespaces/support.d.ts.map +1 -0
  129. package/dist/namespaces/threads.d.ts +596 -0
  130. package/dist/namespaces/threads.d.ts.map +1 -0
  131. package/dist/namespaces/training.d.ts +358 -0
  132. package/dist/namespaces/training.d.ts.map +1 -0
  133. package/dist/namespaces/voice.d.ts +752 -0
  134. package/dist/namespaces/voice.d.ts.map +1 -0
  135. package/dist/namespaces/watcher.d.ts +425 -0
  136. package/dist/namespaces/watcher.d.ts.map +1 -0
  137. package/dist/namespaces/webhooks-ns.d.ts +3 -0
  138. package/dist/namespaces/webhooks-ns.d.ts.map +1 -0
  139. package/dist/pagination.d.ts +57 -0
  140. package/dist/pagination.d.ts.map +1 -0
  141. package/dist/request-builder.d.ts +95 -0
  142. package/dist/request-builder.d.ts.map +1 -0
  143. package/dist/security.d.ts +32 -0
  144. package/dist/security.d.ts.map +1 -0
  145. package/dist/streaming.d.ts +135 -0
  146. package/dist/streaming.d.ts.map +1 -0
  147. package/dist/utils/retry.d.ts +63 -0
  148. package/dist/utils/retry.d.ts.map +1 -0
  149. package/dist/version.d.ts +5 -0
  150. package/dist/version.d.ts.map +1 -0
  151. package/dist/webhook-signature.d.ts +109 -0
  152. package/dist/webhook-signature.d.ts.map +1 -0
  153. package/llms.txt +7 -1
  154. package/package.json +286 -36
  155. package/dist/index.d.mts +0 -30734
package/dist/namespaces/compliance.d.ts ADDED
@@ -0,0 +1,2310 @@
1
+ import type { AuditLog, AuditChainEntry, BreachIncident, BreachNotification, ConsentRecord, DataProtectionImpactAssessment, LegalDocument, LegalAcceptance, ProcessingActivity, RetentionPolicy, DataSubjectRequest, ScanResult, RiskAssessment, DataTransferRecord, CdeScopeReport, AccessLog, DisclosureLog, AmendmentRequest, ComplianceDocumentTemplate, BusinessAssociateAgreement, PolicyReviewSchedule, ComplianceRequirement, ComplianceRequirementCompletion, ComplianceOfficerDesignation, EphiAsset, EphiDataFlow, BreachNotificationArtifact } from "../_internal/types.gen";
2
+ /** Attributes accepted when creating a breach incident. */
3
+ export type CreateBreachIncidentAttributes = {
4
+ description: string;
5
+ severity?: string;
6
+ affected_record_count?: number;
7
+ data_categories?: string[];
8
+ discovered_at?: string;
9
+ [key: string]: unknown;
10
+ };
11
+ /** Attributes accepted when creating a consent record. */
12
+ export type CreateConsentRecordAttributes = {
13
+ user_id: string;
14
+ consent_type: string;
15
+ document_version?: string;
16
+ [key: string]: unknown;
17
+ };
18
+ /** Attributes accepted when creating a DPIA. */
19
+ export type CreateImpactAssessmentAttributes = {
20
+ title: string;
21
+ description?: string;
22
+ risk_level?: string;
23
+ [key: string]: unknown;
24
+ };
25
+ /** Attributes accepted when updating a DPIA (PATCH semantics). */
26
+ export type UpdateImpactAssessmentAttributes = {
27
+ mitigating_measures?: string;
28
+ status?: string;
29
+ [key: string]: unknown;
30
+ };
31
+ /** Attributes accepted when creating a processing activity. */
32
+ export type CreateProcessingActivityAttributes = {
33
+ name: string;
34
+ purpose?: string;
35
+ legal_basis?: string;
36
+ data_categories?: string[];
37
+ retention_period?: string;
38
+ [key: string]: unknown;
39
+ };
40
+ /** Attributes accepted when creating a retention policy. */
41
+ export type CreateRetentionPolicyAttributes = {
42
+ name: string;
43
+ resource_type: string;
44
+ retention_days: number;
45
+ action_on_expiry?: string;
46
+ [key: string]: unknown;
47
+ };
48
+ /** Attributes accepted when updating a retention policy (PATCH semantics). */
49
+ export type UpdateRetentionPolicyAttributes = {
50
+ retention_days?: number;
51
+ action_on_expiry?: string;
52
+ [key: string]: unknown;
53
+ };
54
+ /** Attributes accepted when creating a data subject request. */
55
+ export type CreateDataSubjectRequestAttributes = {
56
+ request_type: string;
57
+ subject_email: string;
58
+ notes?: string;
59
+ [key: string]: unknown;
60
+ };
61
+ /** Attributes accepted when creating a legal document. */
62
+ export type CreateLegalDocumentAttributes = {
63
+ doc_type: string;
64
+ title: string;
65
+ content: string;
66
+ version?: string;
67
+ locale?: string;
68
+ [key: string]: unknown;
69
+ };
70
+ /** Attributes accepted when updating a legal document (PATCH semantics). */
71
+ export type UpdateLegalDocumentAttributes = {
72
+ title?: string;
73
+ content?: string;
74
+ version?: string;
75
+ locale?: string;
76
+ [key: string]: unknown;
77
+ };
78
+ /** Compliance posture snapshot for a workspace. */
79
+ export interface CompliancePosture {
80
+ workspace_id: string;
81
+ open_breaches: number;
82
+ total_breaches: number;
83
+ breach_breakdown: Record<string, number>;
84
+ overdue_dsrs: number;
85
+ pending_dsrs: number;
86
+ total_dsrs: number;
87
+ risk_assessments_by_level: Record<string, number>;
88
+ expiring_risk_assessments: number;
89
+ active_retention_policies: number;
90
+ total_retention_policies: number;
91
+ pii_scans_last_30d: number;
92
+ pii_scan_breakdown: Record<string, number>;
93
+ workspace_consents: number;
94
+ total_consent_subjects: number;
95
+ frameworks: ComplianceFrameworkReadiness[];
96
+ }
97
+ /** Regulatory framework readiness summary. */
98
+ export interface ComplianceFrameworkReadiness {
99
+ framework: string;
100
+ requirements_met: number;
101
+ total_requirements: number;
102
+ coverage_percentage: number;
103
+ gaps: string[];
104
+ }
105
+ import type { RequestOptions } from "../base-client";
106
+ import { RequestBuilder } from "../request-builder";
107
+ /**
108
+ * Compliance namespace for HIPAA/GDPR audit logs, breach incidents,
109
+ * consent records, Data Protection Impact Assessments (DPIAs), processing
110
+ * activities, retention policies, data subject requests, legal documents,
111
+ * and PII scan results.
112
+ *
113
+ * Access via `client.compliance`.
114
+ *
115
+ * @example
116
+ * ```typescript
117
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
118
+ *
119
+ * // Record user consent
120
+ * const record = await client.compliance.consentRecords.create({
121
+ * user_id: 'user_abc123',
122
+ * consent_type: 'marketing_emails',
123
+ * document_version: '2025-01',
124
+ * });
125
+ * ```
126
+ */
127
+ export declare function createComplianceNamespace(rb: RequestBuilder): {
128
+ /**
129
+ * Audit Logs — immutable, append-only event trail.
130
+ *
131
+ * Every significant action on platform resources is recorded as an
132
+ * `AuditLog` entry. Entries are immutable — they cannot be modified
133
+ * or deleted via the API. Use `auditChain` for tamper-evident
134
+ * cryptographic verification of the log sequence.
135
+ */
136
+ auditLogs: {
137
+ /**
138
+ * List audit log entries with optional pagination.
139
+ *
140
+ * Returns one page of immutable audit log entries ordered by time
141
+ * (most recent first). Entries include actor identity, resource type,
142
+ * action performed, and timestamp.
143
+ *
144
+ * @param options - Optional page number, page size, and request options.
145
+ * @returns A page of `AuditLog` entries.
146
+ *
147
+ * @example
148
+ * ```typescript
149
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
150
+ * const logs = await client.compliance.auditLogs.list({ page: 1, pageSize: 50 });
151
+ * logs.forEach(l => console.log(l.attributes?.action, l.attributes?.actor_id));
152
+ * ```
153
+ */
154
+ list: (options?: {
155
+ page?: number;
156
+ pageSize?: number;
157
+ } & RequestOptions) => Promise<AuditLog[]>;
158
+ };
159
+ /**
160
+ * Audit Chain Entries — tamper-evident cryptographic audit chain.
161
+ *
162
+ * Each `AuditChainEntry` contains a hash of the previous entry, forming
163
+ * a linked chain. Verifying the chain integrity proves that no audit log
164
+ * entries have been inserted, deleted, or modified after the fact.
165
+ * Use for regulatory compliance evidence and forensic investigations.
166
+ */
167
+ auditChain: {
168
+ /**
169
+ * List audit chain entries with optional pagination.
170
+ *
171
+ * Returns chain entries in order. Each entry includes its own hash
172
+ * and the hash of the previous entry, enabling sequential verification.
173
+ *
174
+ * @param options - Optional page number, page size, and request options.
175
+ * @returns A page of `AuditChainEntry` records.
176
+ *
177
+ * @example
178
+ * ```typescript
179
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
180
+ * const chain = await client.compliance.auditChain.list({ pageSize: 100 });
181
+ * // Verify chain integrity by checking prev_hash matches prior entry hash
182
+ * ```
183
+ */
184
+ list: (options?: {
185
+ page?: number;
186
+ pageSize?: number;
187
+ } & RequestOptions) => Promise<AuditChainEntry[]>;
188
+ /**
189
+ * Retrieve a single audit chain entry by its ID.
190
+ *
191
+ * Use to inspect a specific link in the chain, e.g., when verifying
192
+ * the hash of a particular audit log entry.
193
+ *
194
+ * @param id - The UUID of the audit chain entry.
195
+ * @param options - Optional request options.
196
+ * @returns The matching `AuditChainEntry` with hash values.
197
+ *
198
+ * @example
199
+ * ```typescript
200
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
201
+ * const entry = await client.compliance.auditChain.get('ace_abc123');
202
+ * console.log(entry.attributes?.hash, entry.attributes?.prev_hash);
203
+ * ```
204
+ */
205
+ get: (id: string, options?: RequestOptions) => Promise<AuditChainEntry>;
206
+ };
207
+ /**
208
+ * Breach Incidents — data breach tracking and status management.
209
+ *
210
+ * GDPR Article 33 requires notification of data breaches to supervisory
211
+ * authorities within 72 hours of discovery. Use `create` to open an
212
+ * incident immediately upon discovery, then `updateStatus` to track
213
+ * the investigation and notification lifecycle.
214
+ */
215
+ breachIncidents: {
216
+ /**
217
+ * List breach incidents with optional pagination.
218
+ *
219
+ * Returns all breach incidents accessible to the current actor,
220
+ * ordered by `reported_at` descending (most recent first).
221
+ *
222
+ * @param options - Optional page number, page size, and request options.
223
+ * @returns A page of `BreachIncident` records.
224
+ *
225
+ * @example
226
+ * ```typescript
227
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
228
+ * const incidents = await client.compliance.breachIncidents.list();
229
+ * incidents.forEach(i => console.log(i.attributes?.status, i.attributes?.reported_at));
230
+ * ```
231
+ */
232
+ list: (options?: {
233
+ page?: number;
234
+ pageSize?: number;
235
+ } & RequestOptions) => Promise<BreachIncident[]>;
236
+ /**
237
+ * Retrieve a single breach incident by its ID.
238
+ *
239
+ * @param id - The UUID of the breach incident.
240
+ * @param options - Optional request options.
241
+ * @returns The matching `BreachIncident` record.
242
+ *
243
+ * @example
244
+ * ```typescript
245
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
246
+ * const incident = await client.compliance.breachIncidents.get('bi_abc123');
247
+ * console.log(incident.attributes?.description, incident.attributes?.severity);
248
+ * ```
249
+ */
250
+ get: (id: string, options?: RequestOptions) => Promise<BreachIncident>;
251
+ /**
252
+ * Report a new data breach incident.
253
+ *
254
+ * Creates a breach incident record. Under GDPR Article 33, breaches
255
+ * must be reported to the supervisory authority within 72 hours of
256
+ * discovery — call this immediately upon detection. Typical attributes:
257
+ * `description`, `severity` (`"low"` | `"medium"` | `"high"` | `"critical"`),
258
+ * `affected_record_count`, `data_categories`, and `discovered_at`.
259
+ *
260
+ * @param attributes - Incident details. `description` and `discovered_at`
261
+ * are required by most regulatory frameworks.
262
+ * @param options - Optional request options.
263
+ * @returns The newly created `BreachIncident` with `status: "open"`.
264
+ *
265
+ * @example
266
+ * ```typescript
267
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
268
+ * const incident = await client.compliance.breachIncidents.create({
269
+ * description: 'Unauthorized access to patient records via misconfigured API endpoint.',
270
+ * severity: 'high',
271
+ * affected_record_count: 342,
272
+ * data_categories: ['health_data', 'contact_info'],
273
+ * discovered_at: new Date().toISOString(),
274
+ * });
275
+ * console.log('Incident opened:', incident.id);
276
+ * ```
277
+ */
278
+ create: (attributes: CreateBreachIncidentAttributes, options?: RequestOptions) => Promise<BreachIncident>;
279
+ /**
280
+ * Update the status of a breach incident.
281
+ *
282
+ * Advances the incident through its lifecycle. Common status values:
283
+ * `"under_investigation"`, `"contained"`, `"notified"`, `"resolved"`,
284
+ * `"closed"`. Status transitions are logged for regulatory evidence.
285
+ *
286
+ * @param id - The UUID of the breach incident to update.
287
+ * @param status - The new status string.
288
+ * @param options - Optional request options.
289
+ * @returns The updated `BreachIncident` with the new status.
290
+ *
291
+ * @example
292
+ * ```typescript
293
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
294
+ * const incident = await client.compliance.breachIncidents.updateStatus(
295
+ * 'bi_abc123',
296
+ * 'contained',
297
+ * );
298
+ * console.log(incident.attributes?.status); // "contained"
299
+ * ```
300
+ */
301
+ updateStatus: (id: string, status: string, options?: RequestOptions) => Promise<BreachIncident>;
302
+ };
303
+ /**
304
+ * Breach Notifications — regulatory notification records for breach incidents.
305
+ *
306
+ * When a breach incident requires notifying a supervisory authority or
307
+ * affected data subjects, `BreachNotification` records track what was sent,
308
+ * to whom, and when. These are read-only via the client SDK — notifications
309
+ * are generated by the platform when `breachIncidents.updateStatus` transitions
310
+ * an incident to a notifiable state.
311
+ */
312
+ breachNotifications: {
313
+ /**
314
+ * List breach notifications with optional pagination.
315
+ *
316
+ * @param options - Optional page number, page size, and request options.
317
+ * @returns A page of `BreachNotification` records.
318
+ *
319
+ * @example
320
+ * ```typescript
321
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
322
+ * const notifications = await client.compliance.breachNotifications.list();
323
+ * notifications.forEach(n => console.log(n.attributes?.recipient, n.attributes?.sent_at));
324
+ * ```
325
+ */
326
+ list: (options?: {
327
+ page?: number;
328
+ pageSize?: number;
329
+ } & RequestOptions) => Promise<BreachNotification[]>;
330
+ /**
331
+ * Retrieve a single breach notification by its ID.
332
+ *
333
+ * @param id - The UUID of the breach notification.
334
+ * @param options - Optional request options.
335
+ * @returns The matching `BreachNotification` record.
336
+ *
337
+ * @example
338
+ * ```typescript
339
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
340
+ * const notification = await client.compliance.breachNotifications.get('bn_abc123');
341
+ * console.log(notification.attributes?.recipient_type, notification.attributes?.sent_at);
342
+ * ```
343
+ */
344
+ get: (id: string, options?: RequestOptions) => Promise<BreachNotification>;
345
+ };
346
+ /**
347
+ * Consent Records — user consent tracking per GDPR Article 7.
348
+ *
349
+ * Every instance of user consent (e.g., accepting a privacy policy,
350
+ * opting in to marketing) should be recorded here. Records are immutable
351
+ * once created. Withdrawal creates a new record with `withdrawn: true`
352
+ * rather than modifying the original.
353
+ */
354
+ consentRecords: {
355
+ /**
356
+ * List consent records with optional pagination.
357
+ *
358
+ * Returns all consent records accessible to the current actor.
359
+ *
360
+ * @param options - Optional page number, page size, and request options.
361
+ * @returns A page of `ConsentRecord` entries.
362
+ *
363
+ * @example
364
+ * ```typescript
365
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
366
+ * const records = await client.compliance.consentRecords.list({ pageSize: 100 });
367
+ * ```
368
+ */
369
+ list: (options?: {
370
+ page?: number;
371
+ pageSize?: number;
372
+ } & RequestOptions) => Promise<ConsentRecord[]>;
373
+ /**
374
+ * Retrieve a single consent record by its ID.
375
+ *
376
+ * @param id - The UUID of the consent record.
377
+ * @param options - Optional request options.
378
+ * @returns The matching `ConsentRecord`.
379
+ *
380
+ * @example
381
+ * ```typescript
382
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
383
+ * const record = await client.compliance.consentRecords.get('cr_abc123');
384
+ * console.log(record.attributes?.consent_type, record.attributes?.withdrawn);
385
+ * ```
386
+ */
387
+ get: (id: string, options?: RequestOptions) => Promise<ConsentRecord>;
388
+ /**
389
+ * List currently active (non-withdrawn) consent records.
390
+ *
391
+ * Returns only records where `withdrawn` is `false` or `null`.
392
+ * Useful for determining which consents are currently in effect for
393
+ * a user before sending communications or processing their data.
394
+ *
395
+ * @param options - Optional request options.
396
+ * @returns All active `ConsentRecord` entries.
397
+ *
398
+ * @example
399
+ * ```typescript
400
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
401
+ * const active = await client.compliance.consentRecords.listActive();
402
+ * const hasMarketingConsent = active.some(
403
+ * r => r.attributes?.consent_type === 'marketing_emails',
404
+ * );
405
+ * ```
406
+ */
407
+ listActive: (options?: RequestOptions) => Promise<ConsentRecord[]>;
408
+ /**
409
+ * Record a new instance of user consent.
410
+ *
411
+ * Creates an immutable consent record. Typical attributes:
412
+ * `user_id`, `consent_type` (e.g., `"marketing_emails"`, `"terms_of_service"`),
413
+ * `document_version` (the legal document version accepted), and
414
+ * `ip_address` / `user_agent` for evidentiary purposes.
415
+ *
416
+ * @param attributes - Consent attributes. `user_id` and `consent_type` are required.
417
+ * @param options - Optional request options.
418
+ * @returns The newly created `ConsentRecord`.
419
+ *
420
+ * @example
421
+ * ```typescript
422
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
423
+ * const record = await client.compliance.consentRecords.create({
424
+ * user_id: 'user_abc123',
425
+ * consent_type: 'marketing_emails',
426
+ * document_version: '2025-01',
427
+ * });
428
+ * console.log('Consent recorded:', record.id);
429
+ * ```
430
+ */
431
+ create: (attributes: CreateConsentRecordAttributes, options?: RequestOptions) => Promise<ConsentRecord>;
432
+ /**
433
+ * Withdraw a previously given consent.
434
+ *
435
+ * Marks the consent record as withdrawn. Under GDPR, users have the right
436
+ * to withdraw consent at any time. Withdrawal creates an audit trail and
437
+ * the record is preserved for regulatory evidence. The original record
438
+ * remains accessible but is marked `withdrawn: true` with a `withdrawn_at`
439
+ * timestamp.
440
+ *
441
+ * @param id - The UUID of the consent record to withdraw.
442
+ * @param options - Optional request options.
443
+ * @returns The updated `ConsentRecord` with `withdrawn: true`.
444
+ *
445
+ * @example
446
+ * ```typescript
447
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
448
+ * const record = await client.compliance.consentRecords.withdraw('cr_abc123');
449
+ * console.log(record.attributes?.withdrawn); // true
450
+ * console.log(record.attributes?.withdrawn_at);
451
+ * ```
452
+ */
453
+ withdraw: (id: string, options?: RequestOptions) => Promise<ConsentRecord>;
454
+ };
455
+ /**
456
+ * Impact Assessments — Data Protection Impact Assessments (DPIA).
457
+ *
458
+ * GDPR Article 35 requires a DPIA before processing activities that are
459
+ * likely to result in high risks to individuals. DPIAs document the nature
460
+ * of processing, its necessity, risk assessment, and mitigating measures.
461
+ * An assessment moves through `draft` → `review` → `approved` states.
462
+ */
463
+ impactAssessments: {
464
+ /**
465
+ * List Data Protection Impact Assessments with optional pagination.
466
+ *
467
+ * @param options - Optional page number, page size, and request options.
468
+ * @returns A page of `DataProtectionImpactAssessment` records.
469
+ *
470
+ * @example
471
+ * ```typescript
472
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
473
+ * const dpias = await client.compliance.impactAssessments.list();
474
+ * dpias.forEach(d => console.log(d.attributes?.title, d.attributes?.status));
475
+ * ```
476
+ */
477
+ list: (options?: {
478
+ page?: number;
479
+ pageSize?: number;
480
+ } & RequestOptions) => Promise<DataProtectionImpactAssessment[]>;
481
+ /**
482
+ * Retrieve a single DPIA by its ID.
483
+ *
484
+ * @param id - The UUID of the DPIA.
485
+ * @param options - Optional request options.
486
+ * @returns The matching `DataProtectionImpactAssessment`.
487
+ *
488
+ * @example
489
+ * ```typescript
490
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
491
+ * const dpia = await client.compliance.impactAssessments.get('dpia_abc123');
492
+ * console.log(dpia.attributes?.risk_level, dpia.attributes?.status);
493
+ * ```
494
+ */
495
+ get: (id: string, options?: RequestOptions) => Promise<DataProtectionImpactAssessment>;
496
+ /**
497
+ * Create a new Data Protection Impact Assessment.
498
+ *
499
+ * Opens a DPIA in `draft` status. Typical attributes: `title`,
500
+ * `description`, `processing_activity_id` (link to the relevant
501
+ * processing activity), `risk_level`, and `mitigating_measures`.
502
+ *
503
+ * @param attributes - DPIA attributes. `title` is required.
504
+ * @param options - Optional request options.
505
+ * @returns The newly created `DataProtectionImpactAssessment`.
506
+ *
507
+ * @example
508
+ * ```typescript
509
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
510
+ * const dpia = await client.compliance.impactAssessments.create({
511
+ * title: 'AI-Assisted Clinical Note Processing DPIA',
512
+ * description: 'Assessment of risk for processing PHI through LLM pipeline.',
513
+ * risk_level: 'high',
514
+ * });
515
+ * console.log('DPIA created:', dpia.id);
516
+ * ```
517
+ */
518
+ create: (attributes: CreateImpactAssessmentAttributes, options?: RequestOptions) => Promise<DataProtectionImpactAssessment>;
519
+ /**
520
+ * Update an existing Data Protection Impact Assessment.
521
+ *
522
+ * Used to add or revise sections of a DPIA while it is in `draft` or
523
+ * `review` status. Approved assessments may be locked against edits
524
+ * depending on server policy.
525
+ *
526
+ * @param id - The UUID of the DPIA to update.
527
+ * @param attributes - Attribute map of fields to change.
528
+ * @param options - Optional request options.
529
+ * @returns The updated `DataProtectionImpactAssessment`.
530
+ *
531
+ * @example
532
+ * ```typescript
533
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
534
+ * const dpia = await client.compliance.impactAssessments.update('dpia_abc123', {
535
+ * mitigating_measures: 'Data minimized. Encryption at rest and in transit.',
536
+ * status: 'review',
537
+ * });
538
+ * ```
539
+ */
540
+ update: (id: string, attributes: UpdateImpactAssessmentAttributes, options?: RequestOptions) => Promise<DataProtectionImpactAssessment>;
541
+ /**
542
+ * Approve a Data Protection Impact Assessment.
543
+ *
544
+ * Transitions the DPIA from `review` to `approved` status. Records the
545
+ * approver's identity (from the current actor) and approval timestamp.
546
+ * Approved DPIAs are locked against further edits.
547
+ *
548
+ * @param id - The UUID of the DPIA to approve.
549
+ * @param options - Optional request options.
550
+ * @returns The updated `DataProtectionImpactAssessment` with `status: "approved"`.
551
+ *
552
+ * @example
553
+ * ```typescript
554
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
555
+ * const dpia = await client.compliance.impactAssessments.approve('dpia_abc123');
556
+ * console.log(dpia.attributes?.status); // "approved"
557
+ * console.log(dpia.attributes?.approved_at);
558
+ * ```
559
+ */
560
+ approve: (id: string, options?: RequestOptions) => Promise<DataProtectionImpactAssessment>;
561
+ };
562
+ /**
563
+ * Processing Activities — GDPR Article 30 records of processing.
564
+ *
565
+ * Article 30 requires organizations to maintain records of all processing
566
+ * activities. Each record describes a processing activity: what data is
567
+ * processed, for what purpose, under what legal basis, and with which
568
+ * third-party processors.
569
+ */
570
+ processingActivities: {
571
+ /**
572
+ * List processing activity records with optional pagination.
573
+ *
574
+ * @param options - Optional page number, page size, and request options.
575
+ * @returns A page of `ProcessingActivity` records.
576
+ *
577
+ * @example
578
+ * ```typescript
579
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
580
+ * const activities = await client.compliance.processingActivities.list();
581
+ * activities.forEach(a => console.log(a.attributes?.name, a.attributes?.legal_basis));
582
+ * ```
583
+ */
584
+ list: (options?: {
585
+ page?: number;
586
+ pageSize?: number;
587
+ } & RequestOptions) => Promise<ProcessingActivity[]>;
588
+ /**
589
+ * Retrieve a single processing activity by its ID.
590
+ *
591
+ * @param id - The UUID of the processing activity.
592
+ * @param options - Optional request options.
593
+ * @returns The matching `ProcessingActivity`.
594
+ *
595
+ * @example
596
+ * ```typescript
597
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
598
+ * const activity = await client.compliance.processingActivities.get('pa_abc123');
599
+ * console.log(activity.attributes?.data_categories);
600
+ * ```
601
+ */
602
+ get: (id: string, options?: RequestOptions) => Promise<ProcessingActivity>;
603
+ /**
604
+ * Create a new processing activity record.
605
+ *
606
+ * Typical attributes: `name`, `purpose`, `legal_basis`
607
+ * (e.g., `"legitimate_interest"`, `"consent"`, `"contract"`),
608
+ * `data_categories`, `data_subjects`, `recipients`, and `retention_period`.
609
+ *
610
+ * @param attributes - Processing activity attributes. `name` and `purpose`
611
+ * are required by GDPR Article 30.
612
+ * @param options - Optional request options.
613
+ * @returns The newly created `ProcessingActivity`.
614
+ *
615
+ * @example
616
+ * ```typescript
617
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
618
+ * const activity = await client.compliance.processingActivities.create({
619
+ * name: 'Clinical Note AI Processing',
620
+ * purpose: 'Generate structured clinical documentation from voice recordings.',
621
+ * legal_basis: 'consent',
622
+ * data_categories: ['health_data', 'biometric_data'],
623
+ * retention_period: '7 years',
624
+ * });
625
+ * ```
626
+ */
627
+ create: (attributes: CreateProcessingActivityAttributes, options?: RequestOptions) => Promise<ProcessingActivity>;
628
+ /**
629
+ * Delete a processing activity record.
630
+ *
631
+ * Use with caution — regulatory requirements may mandate that Article 30
632
+ * records be retained for the life of the organization.
633
+ *
634
+ * @param id - The UUID of the processing activity to delete.
635
+ * @param options - Optional request options.
636
+ * @returns `true` on successful deletion.
637
+ *
638
+ * @example
639
+ * ```typescript
640
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
641
+ * await client.compliance.processingActivities.delete('pa_abc123');
642
+ * ```
643
+ */
644
+ delete: (id: string, options?: RequestOptions) => Promise<true>;
645
+ };
646
+ /**
647
+ * Retention Policies — data lifecycle and automated deletion rules.
648
+ *
649
+ * Retention policies specify how long different categories of data should
650
+ * be kept and what happens when the retention period expires (deletion,
651
+ * anonymization, archival). Policies are evaluated by the platform's
652
+ * retention worker on a scheduled basis.
653
+ */
654
+ retentionPolicies: {
655
+ /**
656
+ * List retention policies with optional pagination.
657
+ *
658
+ * @param options - Optional page number, page size, and request options.
659
+ * @returns A page of `RetentionPolicy` records.
660
+ *
661
+ * @example
662
+ * ```typescript
663
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
664
+ * const policies = await client.compliance.retentionPolicies.list();
665
+ * policies.forEach(p => console.log(p.attributes?.name, p.attributes?.retention_days));
666
+ * ```
667
+ */
668
+ list: (options?: {
669
+ page?: number;
670
+ pageSize?: number;
671
+ } & RequestOptions) => Promise<RetentionPolicy[]>;
672
+ /**
673
+ * Retrieve a single retention policy by its ID.
674
+ *
675
+ * @param id - The UUID of the retention policy.
676
+ * @param options - Optional request options.
677
+ * @returns The matching `RetentionPolicy`.
678
+ *
679
+ * @example
680
+ * ```typescript
681
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
682
+ * const policy = await client.compliance.retentionPolicies.get('rp_abc123');
683
+ * console.log(policy.attributes?.action_on_expiry);
684
+ * ```
685
+ */
686
+ get: (id: string, options?: RequestOptions) => Promise<RetentionPolicy>;
687
+ /**
688
+ * Create a new retention policy.
689
+ *
690
+ * Typical attributes: `name`, `resource_type` (the type of data governed),
691
+ * `retention_days`, and `action_on_expiry`
692
+ * (`"delete"` | `"anonymize"` | `"archive"`).
693
+ *
694
+ * @param attributes - Retention policy attributes. `name`, `resource_type`,
695
+ * and `retention_days` are required.
696
+ * @param options - Optional request options.
697
+ * @returns The newly created `RetentionPolicy`.
698
+ *
699
+ * @example
700
+ * ```typescript
701
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
702
+ * const policy = await client.compliance.retentionPolicies.create({
703
+ * name: 'Voice Session 7-Year Retention',
704
+ * resource_type: 'voice_session',
705
+ * retention_days: 2555, // ~7 years
706
+ * action_on_expiry: 'delete',
707
+ * });
708
+ * ```
709
+ */
710
+ create: (attributes: CreateRetentionPolicyAttributes, options?: RequestOptions) => Promise<RetentionPolicy>;
711
+ /**
712
+ * Update an existing retention policy.
713
+ *
714
+ * Use to change retention duration, action on expiry, or applicability
715
+ * filters. Changes take effect on the next scheduler run.
716
+ *
717
+ * @param id - The UUID of the retention policy to update.
718
+ * @param attributes - Attribute map of fields to change.
719
+ * @param options - Optional request options.
720
+ * @returns The updated `RetentionPolicy`.
721
+ *
722
+ * @example
723
+ * ```typescript
724
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
725
+ * const policy = await client.compliance.retentionPolicies.update('rp_abc123', {
726
+ * retention_days: 3650, // Extend to 10 years
727
+ * });
728
+ * ```
729
+ */
730
+ update: (id: string, attributes: UpdateRetentionPolicyAttributes, options?: RequestOptions) => Promise<RetentionPolicy>;
731
+ /**
732
+ * Delete a retention policy.
733
+ *
734
+ * After deletion, data previously governed by this policy will no longer
735
+ * be subject to automated expiry actions. Existing data is not immediately
736
+ * affected.
737
+ *
738
+ * @param id - The UUID of the retention policy to delete.
739
+ * @param options - Optional request options.
740
+ * @returns `true` on successful deletion.
741
+ *
742
+ * @example
743
+ * ```typescript
744
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
745
+ * await client.compliance.retentionPolicies.delete('rp_abc123');
746
+ * ```
747
+ */
748
+ delete: (id: string, options?: RequestOptions) => Promise<true>;
749
+ };
750
+ /**
751
+ * Data Subject Requests — GDPR rights of access, erasure, and portability.
752
+ *
753
+ * GDPR grants data subjects rights including: right of access (Article 15),
754
+ * right to erasure (Article 17), right to data portability (Article 20).
755
+ * Use `create` when a user submits such a request. Track progress and
756
+ * outcomes via `updateStatus`.
757
+ */
758
+ dataSubjectRequests: {
759
+ /**
760
+ * List data subject requests with optional pagination.
761
+ *
762
+ * @param options - Optional page number, page size, and request options.
763
+ * @returns A page of `DataSubjectRequest` records.
764
+ *
765
+ * @example
766
+ * ```typescript
767
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
768
+ * const requests = await client.compliance.dataSubjectRequests.list();
769
+ * requests.forEach(r => console.log(r.attributes?.request_type, r.attributes?.status));
770
+ * ```
771
+ */
772
+ list: (options?: {
773
+ page?: number;
774
+ pageSize?: number;
775
+ } & RequestOptions) => Promise<DataSubjectRequest[]>;
776
+ /**
777
+ * Retrieve a single data subject request by its ID.
778
+ *
779
+ * @param id - The UUID of the data subject request.
780
+ * @param options - Optional request options.
781
+ * @returns The matching `DataSubjectRequest`.
782
+ *
783
+ * @example
784
+ * ```typescript
785
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
786
+ * const request = await client.compliance.dataSubjectRequests.get('dsr_abc123');
787
+ * console.log(request.attributes?.request_type, request.attributes?.due_by);
788
+ * ```
789
+ */
790
+ get: (id: string, options?: RequestOptions) => Promise<DataSubjectRequest>;
791
+ /**
792
+ * Submit a new data subject request.
793
+ *
794
+ * Creates a request record for processing. Typical attributes:
795
+ * `request_type` (e.g., `"access"`, `"erasure"`, `"portability"`),
796
+ * `subject_email`, `subject_id`, and any supporting `notes`.
797
+ * The platform may automatically calculate a `due_by` date based on
798
+ * GDPR's 30-day response requirement.
799
+ *
800
+ * @param attributes - Request attributes. `request_type` and `subject_email`
801
+ * are required.
802
+ * @param options - Optional request options.
803
+ * @returns The newly created `DataSubjectRequest` with `status: "pending"`.
804
+ *
805
+ * @example
806
+ * ```typescript
807
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
808
+ * const request = await client.compliance.dataSubjectRequests.create({
809
+ * request_type: 'erasure',
810
+ * subject_email: 'jane@example.com',
811
+ * notes: 'User requested full account deletion via settings page.',
812
+ * });
813
+ * console.log('DSR created, due by:', request.attributes?.due_by);
814
+ * ```
815
+ */
816
+ create: (attributes: CreateDataSubjectRequestAttributes, options?: RequestOptions) => Promise<DataSubjectRequest>;
817
+ /**
818
+ * Update the status of a data subject request.
819
+ *
820
+ * Advances the request through its handling lifecycle. Common status values:
821
+ * `"in_progress"`, `"awaiting_verification"`, `"completed"`, `"rejected"`.
822
+ * Status changes are time-stamped and added to the audit trail.
823
+ *
824
+ * @param id - The UUID of the data subject request.
825
+ * @param status - The new status string.
826
+ * @param options - Optional request options.
827
+ * @returns The updated `DataSubjectRequest` with the new status.
828
+ *
829
+ * @example
830
+ * ```typescript
831
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
832
+ * const request = await client.compliance.dataSubjectRequests.updateStatus(
833
+ * 'dsr_abc123',
834
+ * 'completed',
835
+ * );
836
+ * console.log(request.attributes?.status); // "completed"
837
+ * ```
838
+ */
839
+ updateStatus: (id: string, status: string, options?: RequestOptions) => Promise<DataSubjectRequest>;
840
+ };
841
+ /**
842
+ * Legal Documents — Terms of Service, Privacy Policy, and other legal agreements.
843
+ *
844
+ * Legal documents are versioned and locale-aware. Draft documents can be
845
+ * edited freely; published documents are visible to end users and drive
846
+ * the consent flow. Use `publish` / `unpublish` to control visibility.
847
+ */
848
+ legalDocuments: {
849
+ /**
850
+ * List legal documents with optional pagination.
851
+ *
852
+ * Returns all legal documents (draft and published) accessible to the
853
+ * current actor.
854
+ *
855
+ * @param options - Optional page number, page size, and request options.
856
+ * @returns A page of `LegalDocument` records.
857
+ *
858
+ * @example
859
+ * ```typescript
860
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
861
+ * const docs = await client.compliance.legalDocuments.list();
862
+ * docs.forEach(d => console.log(d.attributes?.doc_type, d.attributes?.published));
863
+ * ```
864
+ */
865
+ list: (options?: {
866
+ page?: number;
867
+ pageSize?: number;
868
+ } & RequestOptions) => Promise<LegalDocument[]>;
869
+ /**
870
+ * Retrieve a single legal document by its ID.
871
+ *
872
+ * @param id - The UUID of the legal document.
873
+ * @param options - Optional request options.
874
+ * @returns The matching `LegalDocument`.
875
+ *
876
+ * @example
877
+ * ```typescript
878
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
879
+ * const doc = await client.compliance.legalDocuments.get('ld_abc123');
880
+ * console.log(doc.attributes?.version, doc.attributes?.content);
881
+ * ```
882
+ */
883
+ get: (id: string, options?: RequestOptions) => Promise<LegalDocument>;
884
+ /**
885
+ * Create a new legal document (initially in draft status).
886
+ *
887
+ * Typical attributes: `doc_type` (e.g., `"terms_of_service"`,
888
+ * `"privacy_policy"`), `title`, `content` (HTML or Markdown),
889
+ * `version`, and `locale` (BCP-47 language tag, e.g., `"en-US"`).
890
+ *
891
+ * @param attributes - Legal document attributes. `doc_type` and `title`
892
+ * are required.
893
+ * @param options - Optional request options.
894
+ * @returns The newly created `LegalDocument` in draft status.
895
+ *
896
+ * @example
897
+ * ```typescript
898
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
899
+ * const doc = await client.compliance.legalDocuments.create({
900
+ * doc_type: 'privacy_policy',
901
+ * title: 'Privacy Policy v2.0',
902
+ * content: '<h1>Privacy Policy</h1><p>...</p>',
903
+ * version: '2025-03',
904
+ * locale: 'en-US',
905
+ * });
906
+ * ```
907
+ */
908
+ create: (attributes: CreateLegalDocumentAttributes, options?: RequestOptions) => Promise<LegalDocument>;
909
+ /**
910
+ * Update a legal document.
911
+ *
912
+ * Edits are only permitted on draft documents. Published documents must
913
+ * be unpublished before they can be edited.
914
+ *
915
+ * @param id - The UUID of the legal document to update.
916
+ * @param attributes - Attribute map of fields to change.
917
+ * @param options - Optional request options.
918
+ * @returns The updated `LegalDocument`.
919
+ *
920
+ * @example
921
+ * ```typescript
922
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
923
+ * const doc = await client.compliance.legalDocuments.update('ld_abc123', {
924
+ * content: '<h1>Updated Privacy Policy</h1><p>...</p>',
925
+ * });
926
+ * ```
927
+ */
928
+ update: (id: string, attributes: UpdateLegalDocumentAttributes, options?: RequestOptions) => Promise<LegalDocument>;
929
+ /**
930
+ * Delete a legal document.
931
+ *
932
+ * Only draft documents can be deleted. Published documents must be
933
+ * unpublished before deletion.
934
+ *
935
+ * @param id - The UUID of the legal document to delete.
936
+ * @param options - Optional request options.
937
+ * @returns `true` on successful deletion.
938
+ *
939
+ * @example
940
+ * ```typescript
941
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
942
+ * await client.compliance.legalDocuments.delete('ld_abc123');
943
+ * ```
944
+ */
945
+ delete: (id: string, options?: RequestOptions) => Promise<true>;
946
+ /**
947
+ * Retrieve legal documents filtered by locale.
948
+ *
949
+ * Returns published legal documents for the specified BCP-47 locale
950
+ * (e.g., `"en-US"`, `"fr-FR"`). Used to display the correct language
951
+ * version of legal documents to end users.
952
+ *
953
+ * @param locale - A BCP-47 locale string (e.g., `"en-US"`).
954
+ * @param options - Optional request options.
955
+ * @returns An array of published `LegalDocument` records for that locale.
956
+ *
957
+ * @example
958
+ * ```typescript
959
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
960
+ * const docs = await client.compliance.legalDocuments.byLocale('fr-FR');
961
+ * docs.forEach(d => console.log(d.attributes?.title));
962
+ * ```
963
+ */
964
+ byLocale: (locale: string, options?: RequestOptions) => Promise<LegalDocument[]>;
965
+ /**
966
+ * Retrieve published legal documents for the current application.
967
+ *
968
+ * Returns documents scoped to the application identified by the
969
+ * `x-application-key` request header. Used to load the correct
970
+ * legal documents for white-labeled or multi-tenant applications.
971
+ *
972
+ * @param options - Optional request options.
973
+ * @returns An array of published `LegalDocument` records for the current application.
974
+ *
975
+ * @example
976
+ * ```typescript
977
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
978
+ * const docs = await client.compliance.legalDocuments.forApplication();
979
+ * const tos = docs.find(d => d.attributes?.doc_type === 'terms_of_service');
980
+ * ```
981
+ */
982
+ forApplication: (options?: RequestOptions) => Promise<LegalDocument[]>;
983
+ /**
984
+ * Publish a legal document, making it visible to end users.
985
+ *
986
+ * Transitions the document from `draft` to `published` status. Once
987
+ * published, the document appears in the consent flow and can be
988
+ * accepted by users. Publishing is recorded with a `published_at`
989
+ * timestamp for auditability.
990
+ *
991
+ * @param id - The UUID of the legal document to publish.
992
+ * @param options - Optional request options.
993
+ * @returns The updated `LegalDocument` with `published: true`.
994
+ *
995
+ * @example
996
+ * ```typescript
997
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
998
+ * const doc = await client.compliance.legalDocuments.publish('ld_abc123');
999
+ * console.log(doc.attributes?.published_at);
1000
+ * ```
1001
+ */
1002
+ publish: (id: string, options?: RequestOptions) => Promise<LegalDocument>;
1003
+ /**
1004
+ * Unpublish a legal document, removing it from end-user visibility.
1005
+ *
1006
+ * Transitions the document from `published` back to `draft` status.
1007
+ * Useful when a document needs to be revised. Previously accepted
1008
+ * consent records are not affected by unpublishing.
1009
+ *
1010
+ * @param id - The UUID of the legal document to unpublish.
1011
+ * @param options - Optional request options.
1012
+ * @returns The updated `LegalDocument` with `published: false`.
1013
+ *
1014
+ * @example
1015
+ * ```typescript
1016
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
1017
+ * const doc = await client.compliance.legalDocuments.unpublish('ld_abc123');
1018
+ * console.log(doc.attributes?.published); // false
1019
+ * ```
1020
+ */
1021
+ unpublish: (id: string, options?: RequestOptions) => Promise<LegalDocument>;
1022
+ };
1023
+ /**
1024
+ * Legal Acceptances — records of user acceptance of legal documents.
1025
+ *
1026
+ * When a user accepts a legal document (e.g., clicks "I agree" on Terms of
1027
+ * Service), a `LegalAcceptance` record is created. These records are
1028
+ * immutable and serve as evidentiary proof of agreement. Use `latest` to
1029
+ * check whether the current user has accepted the most recent version of
1030
+ * all required documents.
1031
+ */
1032
+ legalAcceptances: {
1033
+ /**
1034
+ * List legal acceptance records with optional pagination.
1035
+ *
1036
+ * @param options - Optional page number, page size, and request options.
1037
+ * @returns A page of `LegalAcceptance` records.
1038
+ *
1039
+ * @example
1040
+ * ```typescript
1041
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
1042
+ * const acceptances = await client.compliance.legalAcceptances.list();
1043
+ * acceptances.forEach(a => console.log(a.attributes?.accepted_at));
1044
+ * ```
1045
+ */
1046
+ list: (options?: {
1047
+ page?: number;
1048
+ pageSize?: number;
1049
+ } & RequestOptions) => Promise<LegalAcceptance[]>;
1050
+ /**
1051
+ * Retrieve a single legal acceptance record by its ID.
1052
+ *
1053
+ * @param id - The UUID of the legal acceptance record.
1054
+ * @param options - Optional request options.
1055
+ * @returns The matching `LegalAcceptance`.
1056
+ *
1057
+ * @example
1058
+ * ```typescript
1059
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
1060
+ * const acceptance = await client.compliance.legalAcceptances.get('la_abc123');
1061
+ * console.log(acceptance.attributes?.document_version);
1062
+ * ```
1063
+ */
1064
+ get: (id: string, options?: RequestOptions) => Promise<LegalAcceptance>;
1065
+ /**
1066
+ * Get the latest legal acceptance record for the currently authenticated user.
1067
+ *
1068
+ * Returns the most recent acceptance record, useful for gating access
1069
+ * behind an "accept updated terms" prompt when a new document version
1070
+ * has been published since the user last accepted.
1071
+ *
1072
+ * @param options - Optional request options.
1073
+ * @returns The latest `LegalAcceptance` for the current user.
1074
+ *
1075
+ * @example
1076
+ * ```typescript
1077
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
1078
+ * const latest = await client.compliance.legalAcceptances.latest();
1079
+ * if (latest.attributes?.document_version !== currentDocVersion) {
1080
+ * // Prompt user to accept updated terms
1081
+ * }
1082
+ * ```
1083
+ */
1084
+ latest: (options?: RequestOptions) => Promise<LegalAcceptance>;
1085
+ };
1086
+ /**
1087
+ * Scan Results — PII detection and security scan findings.
1088
+ *
1089
+ * The platform runs automated PII and security scans on documents,
1090
+ * messages, and storage objects. `ScanResult` records capture what was
1091
+ * found: entity types, locations within the content, confidence scores,
1092
+ * and remediation status. These are generated by the platform and are
1093
+ * read-only via the client SDK.
1094
+ */
1095
+ scanResults: {
1096
+ /**
1097
+ * List PII/security scan results with optional pagination.
1098
+ *
1099
+ * @param options - Optional page number, page size, and request options.
1100
+ * @returns A page of `ScanResult` records.
1101
+ *
1102
+ * @example
1103
+ * ```typescript
1104
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
1105
+ * const results = await client.compliance.scanResults.list({ pageSize: 50 });
1106
+ * results.forEach(r => console.log(r.attributes?.entity_type, r.attributes?.risk_level));
1107
+ * ```
1108
+ */
1109
+ list: (options?: {
1110
+ page?: number;
1111
+ pageSize?: number;
1112
+ } & RequestOptions) => Promise<ScanResult[]>;
1113
+ /**
1114
+ * Retrieve a single scan result by its ID.
1115
+ *
1116
+ * @param id - The UUID of the scan result.
1117
+ * @param options - Optional request options.
1118
+ * @returns The matching `ScanResult` with entity details and location info.
1119
+ *
1120
+ * @example
1121
+ * ```typescript
1122
+ * const client = new GptClient({ apiKey: 'sk_app_...' });
1123
+ * const result = await client.compliance.scanResults.get('sr_abc123');
1124
+ * console.log(result.attributes?.entity_type, result.attributes?.confidence);
1125
+ * ```
1126
+ */
1127
+ get: (id: string, options?: RequestOptions) => Promise<ScanResult>;
1128
+ };
1129
+ /**
1130
+ * Get aggregated compliance posture for a workspace.
1131
+ *
1132
+ * Returns breach stats, DSR metrics, risk assessments, retention policies,
1133
+ * PII scan coverage, consent tracking, and regulatory framework readiness
1134
+ * in a single call.
1135
+ *
1136
+ * @param params - Must include `workspace_id`
1137
+ * @param options - Request options
1138
+ * @returns {@link CompliancePosture} snapshot
1139
+ *
1140
+ * @example
1141
+ * ```typescript
1142
+ * const posture = await client.compliance.getPosture({ workspace_id: "..." });
1143
+ * console.log(posture.open_breaches, posture.frameworks);
1144
+ * ```
1145
+ */
1146
+ getPosture: (params: {
1147
+ workspace_id: string;
1148
+ }, options?: RequestOptions) => Promise<CompliancePosture>;
1149
+ /**
1150
+ * Risk Assessments — formal risk evaluation records.
1151
+ *
1152
+ * Track risk assessments for data processing activities, infrastructure,
1153
+ * and third-party integrations. Assessments can be created, reviewed via
1154
+ * status updates, and deleted when superseded.
1155
+ */
1156
+ riskAssessments: {
1157
+ /**
1158
+ * List risk assessments with optional pagination.
1159
+ *
1160
+ * @param options - Optional page number, page size, and request options.
1161
+ * @returns A page of `RiskAssessment` records.
1162
+ *
1163
+ * @example
1164
+ * ```typescript
1165
+ * const assessments = await client.compliance.riskAssessments.list();
1166
+ * ```
1167
+ */
1168
+ list: (options?: {
1169
+ page?: number;
1170
+ pageSize?: number;
1171
+ } & RequestOptions) => Promise<RiskAssessment[]>;
1172
+ /**
1173
+ * Retrieve a single risk assessment by ID.
1174
+ *
1175
+ * @param id - The UUID of the risk assessment.
1176
+ * @param options - Optional request options.
1177
+ * @returns The matching `RiskAssessment`.
1178
+ *
1179
+ * @example
1180
+ * ```typescript
1181
+ * const assessment = await client.compliance.riskAssessments.get('ra-uuid');
1182
+ * ```
1183
+ */
1184
+ get: (id: string, options?: RequestOptions) => Promise<RiskAssessment>;
1185
+ /**
1186
+ * Create a new risk assessment.
1187
+ *
1188
+ * @param attributes - Risk assessment attributes.
1189
+ * @param options - Optional request options.
1190
+ * @returns The newly created `RiskAssessment`.
1191
+ *
1192
+ * @example
1193
+ * ```typescript
1194
+ * const assessment = await client.compliance.riskAssessments.create({
1195
+ * title: 'LLM Pipeline Risk Assessment',
1196
+ * risk_level: 'high',
1197
+ * });
1198
+ * ```
1199
+ */
1200
+ create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<RiskAssessment>;
1201
+ /**
1202
+ * Update the status of a risk assessment.
1203
+ *
1204
+ * @param id - The UUID of the risk assessment.
1205
+ * @param attributes - Attributes to update (e.g., `{ status: "mitigated" }`).
1206
+ * @param options - Optional request options.
1207
+ * @returns The updated `RiskAssessment`.
1208
+ *
1209
+ * @example
1210
+ * ```typescript
1211
+ * const assessment = await client.compliance.riskAssessments.updateStatus(
1212
+ * 'ra-uuid', { status: 'mitigated' },
1213
+ * );
1214
+ * ```
1215
+ */
1216
+ updateStatus: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<RiskAssessment>;
1217
+ /**
1218
+ * Delete a risk assessment.
1219
+ *
1220
+ * @param id - The UUID of the risk assessment to delete.
1221
+ * @param options - Optional request options.
1222
+ * @returns `true` on successful deletion.
1223
+ *
1224
+ * @example
1225
+ * ```typescript
1226
+ * await client.compliance.riskAssessments.delete('ra-uuid');
1227
+ * ```
1228
+ */
1229
+ delete: (id: string, options?: RequestOptions) => Promise<true>;
1230
+ };
1231
+ /**
1232
+ * Data Transfer Records — cross-border and third-party data transfer tracking.
1233
+ *
1234
+ * GDPR Chapter V requires documentation of international data transfers.
1235
+ * Each record captures the transfer mechanism, recipient country, and
1236
+ * safeguards in place.
1237
+ */
1238
+ dataTransferRecords: {
1239
+ /**
1240
+ * List data transfer records with optional pagination.
1241
+ *
1242
+ * @param options - Optional page number, page size, and request options.
1243
+ * @returns A page of `DataTransferRecord` records.
1244
+ *
1245
+ * @example
1246
+ * ```typescript
1247
+ * const transfers = await client.compliance.dataTransferRecords.list();
1248
+ * ```
1249
+ */
1250
+ list: (options?: {
1251
+ page?: number;
1252
+ pageSize?: number;
1253
+ } & RequestOptions) => Promise<DataTransferRecord[]>;
1254
+ /**
1255
+ * Retrieve a single data transfer record by ID.
1256
+ *
1257
+ * @param id - The UUID of the data transfer record.
1258
+ * @param options - Optional request options.
1259
+ * @returns The matching `DataTransferRecord`.
1260
+ *
1261
+ * @example
1262
+ * ```typescript
1263
+ * const transfer = await client.compliance.dataTransferRecords.get('dtr-uuid');
1264
+ * ```
1265
+ */
1266
+ get: (id: string, options?: RequestOptions) => Promise<DataTransferRecord>;
1267
+ /**
1268
+ * Create a new data transfer record.
1269
+ *
1270
+ * @param attributes - Data transfer attributes (recipient, country, mechanism, etc.).
1271
+ * @param options - Optional request options.
1272
+ * @returns The newly created `DataTransferRecord`.
1273
+ *
1274
+ * @example
1275
+ * ```typescript
1276
+ * const transfer = await client.compliance.dataTransferRecords.create({
1277
+ * recipient: 'Cloud Provider EU',
1278
+ * destination_country: 'DE',
1279
+ * transfer_mechanism: 'standard_contractual_clauses',
1280
+ * });
1281
+ * ```
1282
+ */
1283
+ create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<DataTransferRecord>;
1284
+ /**
1285
+ * Delete a data transfer record.
1286
+ *
1287
+ * @param id - The UUID of the data transfer record to delete.
1288
+ * @param options - Optional request options.
1289
+ * @returns `true` on successful deletion.
1290
+ *
1291
+ * @example
1292
+ * ```typescript
1293
+ * await client.compliance.dataTransferRecords.delete('dtr-uuid');
1294
+ * ```
1295
+ */
1296
+ delete: (id: string, options?: RequestOptions) => Promise<true>;
1297
+ };
1298
+ /**
1299
+ * CDE Scope Reports — Cardholder Data Environment scope documentation.
1300
+ *
1301
+ * PCI DSS requires documenting the scope of systems that store, process,
1302
+ * or transmit cardholder data. Each report captures the CDE boundary
1303
+ * and connected systems.
1304
+ */
1305
+ cdeScopeReports: {
1306
+ /**
1307
+ * List CDE scope reports with optional pagination.
1308
+ *
1309
+ * @param options - Optional page number, page size, and request options.
1310
+ * @returns A page of `CdeScopeReport` records.
1311
+ *
1312
+ * @example
1313
+ * ```typescript
1314
+ * const reports = await client.compliance.cdeScopeReports.list();
1315
+ * ```
1316
+ */
1317
+ list: (options?: {
1318
+ page?: number;
1319
+ pageSize?: number;
1320
+ } & RequestOptions) => Promise<CdeScopeReport[]>;
1321
+ /**
1322
+ * Retrieve a single CDE scope report by ID.
1323
+ *
1324
+ * @param id - The UUID of the CDE scope report.
1325
+ * @param options - Optional request options.
1326
+ * @returns The matching `CdeScopeReport`.
1327
+ *
1328
+ * @example
1329
+ * ```typescript
1330
+ * const report = await client.compliance.cdeScopeReports.get('csr-uuid');
1331
+ * ```
1332
+ */
1333
+ get: (id: string, options?: RequestOptions) => Promise<CdeScopeReport>;
1334
+ /**
1335
+ * Create a new CDE scope report.
1336
+ *
1337
+ * @param attributes - CDE scope report attributes.
1338
+ * @param options - Optional request options.
1339
+ * @returns The newly created `CdeScopeReport`.
1340
+ *
1341
+ * @example
1342
+ * ```typescript
1343
+ * const report = await client.compliance.cdeScopeReports.create({
1344
+ * title: 'Q1 2026 CDE Scope',
1345
+ * systems_in_scope: ['payment-gateway', 'billing-db'],
1346
+ * });
1347
+ * ```
1348
+ */
1349
+ create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<CdeScopeReport>;
1350
+ /**
1351
+ * Delete a CDE scope report.
1352
+ *
1353
+ * @param id - The UUID of the CDE scope report to delete.
1354
+ * @param options - Optional request options.
1355
+ * @returns `true` on successful deletion.
1356
+ *
1357
+ * @example
1358
+ * ```typescript
1359
+ * await client.compliance.cdeScopeReports.delete('csr-uuid');
1360
+ * ```
1361
+ */
1362
+ delete: (id: string, options?: RequestOptions) => Promise<true>;
1363
+ };
1364
+ /**
1365
+ * Access Logs — read-only access audit trail.
1366
+ *
1367
+ * Records of who accessed what data and when. Generated automatically
1368
+ * by the platform. Access logs are immutable and cannot be created,
1369
+ * modified, or deleted via the API.
1370
+ */
1371
+ accessLogs: {
1372
+ /**
1373
+ * List access logs with optional pagination.
1374
+ *
1375
+ * @param options - Optional page number, page size, and request options.
1376
+ * @returns A page of `AccessLog` records.
1377
+ *
1378
+ * @example
1379
+ * ```typescript
1380
+ * const logs = await client.compliance.accessLogs.list({ pageSize: 100 });
1381
+ * ```
1382
+ */
1383
+ list: (options?: {
1384
+ page?: number;
1385
+ pageSize?: number;
1386
+ } & RequestOptions) => Promise<AccessLog[]>;
1387
+ /**
1388
+ * Retrieve a single access log entry by ID.
1389
+ *
1390
+ * @param id - The UUID of the access log entry.
1391
+ * @param options - Optional request options.
1392
+ * @returns The matching `AccessLog`.
1393
+ *
1394
+ * @example
1395
+ * ```typescript
1396
+ * const log = await client.compliance.accessLogs.get('al-uuid');
1397
+ * ```
1398
+ */
1399
+ get: (id: string, options?: RequestOptions) => Promise<AccessLog>;
1400
+ };
1401
+ /**
1402
+ * Disclosure Logs — records of data disclosures to third parties.
1403
+ *
1404
+ * HIPAA and state privacy laws require tracking disclosures of protected
1405
+ * information. Each log entry records what was disclosed, to whom, and
1406
+ * the legal basis for the disclosure.
1407
+ */
1408
+ disclosureLogs: {
1409
+ /**
1410
+ * List disclosure logs with optional pagination.
1411
+ *
1412
+ * @param options - Optional page number, page size, and request options.
1413
+ * @returns A page of `DisclosureLog` records.
1414
+ *
1415
+ * @example
1416
+ * ```typescript
1417
+ * const logs = await client.compliance.disclosureLogs.list();
1418
+ * ```
1419
+ */
1420
+ list: (options?: {
1421
+ page?: number;
1422
+ pageSize?: number;
1423
+ } & RequestOptions) => Promise<DisclosureLog[]>;
1424
+ /**
1425
+ * Retrieve a single disclosure log by ID.
1426
+ *
1427
+ * @param id - The UUID of the disclosure log.
1428
+ * @param options - Optional request options.
1429
+ * @returns The matching `DisclosureLog`.
1430
+ *
1431
+ * @example
1432
+ * ```typescript
1433
+ * const log = await client.compliance.disclosureLogs.get('dl-uuid');
1434
+ * ```
1435
+ */
1436
+ get: (id: string, options?: RequestOptions) => Promise<DisclosureLog>;
1437
+ /**
1438
+ * Create a new disclosure log entry.
1439
+ *
1440
+ * @param attributes - Disclosure details (recipient, purpose, data categories, etc.).
1441
+ * @param options - Optional request options.
1442
+ * @returns The newly created `DisclosureLog`.
1443
+ *
1444
+ * @example
1445
+ * ```typescript
1446
+ * const log = await client.compliance.disclosureLogs.create({
1447
+ * recipient: 'Insurance Provider',
1448
+ * purpose: 'claims_processing',
1449
+ * data_categories: ['health_data'],
1450
+ * });
1451
+ * ```
1452
+ */
1453
+ create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<DisclosureLog>;
1454
+ /**
1455
+ * List disclosure logs filtered by data subject.
1456
+ *
1457
+ * Returns all disclosures related to a specific data subject,
1458
+ * useful for fulfilling HIPAA accounting-of-disclosures requests.
1459
+ *
1460
+ * @param options - Filter by subject type/ID, plus optional pagination and request options.
1461
+ * @returns An array of `DisclosureLog` records for the subject.
1462
+ *
1463
+ * @example
1464
+ * ```typescript
1465
+ * const logs = await client.compliance.disclosureLogs.listBySubject({
1466
+ * filter: { subject_type: { eq: 'patient' }, subject_id: { eq: 'subj-123' } },
1467
+ * });
1468
+ * ```
1469
+ */
1470
+ listBySubject: (options?: {
1471
+ filter?: Record<string, unknown>;
1472
+ page?: number;
1473
+ pageSize?: number;
1474
+ } & RequestOptions) => Promise<DisclosureLog[]>;
1475
+ };
1476
+ /**
1477
+ * Amendment Requests — requests to correct or amend records.
1478
+ *
1479
+ * HIPAA gives patients the right to request amendments to their health
1480
+ * records. Each request goes through a review workflow: create, review,
1481
+ * approve/deny, and apply.
1482
+ */
1483
+ amendmentRequests: {
1484
+ /**
1485
+ * List amendment requests with optional pagination.
1486
+ *
1487
+ * @param options - Optional page number, page size, and request options.
1488
+ * @returns A page of `AmendmentRequest` records.
1489
+ *
1490
+ * @example
1491
+ * ```typescript
1492
+ * const requests = await client.compliance.amendmentRequests.list();
1493
+ * ```
1494
+ */
1495
+ list: (options?: {
1496
+ page?: number;
1497
+ pageSize?: number;
1498
+ } & RequestOptions) => Promise<AmendmentRequest[]>;
1499
+ /**
1500
+ * Retrieve a single amendment request by ID.
1501
+ *
1502
+ * @param id - The UUID of the amendment request.
1503
+ * @param options - Optional request options.
1504
+ * @returns The matching `AmendmentRequest`.
1505
+ *
1506
+ * @example
1507
+ * ```typescript
1508
+ * const request = await client.compliance.amendmentRequests.get('ar-uuid');
1509
+ * ```
1510
+ */
1511
+ get: (id: string, options?: RequestOptions) => Promise<AmendmentRequest>;
1512
+ /**
1513
+ * Create a new amendment request.
1514
+ *
1515
+ * @param attributes - Amendment request details (record reference, requested changes, reason).
1516
+ * @param options - Optional request options.
1517
+ * @returns The newly created `AmendmentRequest`.
1518
+ *
1519
+ * @example
1520
+ * ```typescript
1521
+ * const request = await client.compliance.amendmentRequests.create({
1522
+ * record_id: 'patient-record-uuid',
1523
+ * requested_change: 'Correct diagnosis code from E11.9 to E10.9',
1524
+ * reason: 'Misclassification during initial intake.',
1525
+ * });
1526
+ * ```
1527
+ */
1528
+ create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<AmendmentRequest>;
1529
+ /**
1530
+ * Mark an amendment request as under review.
1531
+ *
1532
+ * @param id - The UUID of the amendment request.
1533
+ * @param attributes - Optional review attributes.
1534
+ * @param options - Optional request options.
1535
+ * @returns The updated `AmendmentRequest`.
1536
+ *
1537
+ * @example
1538
+ * ```typescript
1539
+ * const request = await client.compliance.amendmentRequests.review('ar-uuid');
1540
+ * ```
1541
+ */
1542
+ review: (id: string, attributes?: Record<string, unknown>, options?: RequestOptions) => Promise<AmendmentRequest>;
1543
+ /**
1544
+ * Approve an amendment request.
1545
+ *
1546
+ * @param id - The UUID of the amendment request.
1547
+ * @param attributes - Optional approval attributes.
1548
+ * @param options - Optional request options.
1549
+ * @returns The updated `AmendmentRequest` with approved status.
1550
+ *
1551
+ * @example
1552
+ * ```typescript
1553
+ * const request = await client.compliance.amendmentRequests.approve('ar-uuid');
1554
+ * ```
1555
+ */
1556
+ approve: (id: string, attributes?: Record<string, unknown>, options?: RequestOptions) => Promise<AmendmentRequest>;
1557
+ /**
1558
+ * Deny an amendment request.
1559
+ *
1560
+ * @param id - The UUID of the amendment request.
1561
+ * @param attributes - Optional denial reason attributes.
1562
+ * @param options - Optional request options.
1563
+ * @returns The updated `AmendmentRequest` with denied status.
1564
+ *
1565
+ * @example
1566
+ * ```typescript
1567
+ * const request = await client.compliance.amendmentRequests.deny('ar-uuid', {
1568
+ * denial_reason: 'Record is accurate as documented.',
1569
+ * });
1570
+ * ```
1571
+ */
1572
+ deny: (id: string, attributes?: Record<string, unknown>, options?: RequestOptions) => Promise<AmendmentRequest>;
1573
+ /**
1574
+ * Apply an approved amendment to the target record.
1575
+ *
1576
+ * @param id - The UUID of the amendment request.
1577
+ * @param attributes - Optional application attributes.
1578
+ * @param options - Optional request options.
1579
+ * @returns The updated `AmendmentRequest` with applied status.
1580
+ *
1581
+ * @example
1582
+ * ```typescript
1583
+ * const request = await client.compliance.amendmentRequests.apply('ar-uuid');
1584
+ * ```
1585
+ */
1586
+ apply: (id: string, attributes?: Record<string, unknown>, options?: RequestOptions) => Promise<AmendmentRequest>;
1587
+ };
1588
+ /**
1589
+ * Compliance Document Templates — reusable templates for compliance documentation.
1590
+ *
1591
+ * Templates provide standardized starting points for policies, procedures,
1592
+ * and forms required by regulatory frameworks. Templates can be cloned
1593
+ * to create workspace-specific documents.
1594
+ */
1595
+ complianceDocumentTemplates: {
1596
+ /**
1597
+ * List compliance document templates with optional pagination.
1598
+ *
1599
+ * @param options - Optional page number, page size, and request options.
1600
+ * @returns A page of `ComplianceDocumentTemplate` records.
1601
+ *
1602
+ * @example
1603
+ * ```typescript
1604
+ * const templates = await client.compliance.complianceDocumentTemplates.list();
1605
+ * ```
1606
+ */
1607
+ list: (options?: {
1608
+ page?: number;
1609
+ pageSize?: number;
1610
+ } & RequestOptions) => Promise<ComplianceDocumentTemplate[]>;
1611
+ /**
1612
+ * Retrieve a single compliance document template by ID.
1613
+ *
1614
+ * @param id - The UUID of the template.
1615
+ * @param options - Optional request options.
1616
+ * @returns The matching `ComplianceDocumentTemplate`.
1617
+ *
1618
+ * @example
1619
+ * ```typescript
1620
+ * const template = await client.compliance.complianceDocumentTemplates.get('tpl-uuid');
1621
+ * ```
1622
+ */
1623
+ get: (id: string, options?: RequestOptions) => Promise<ComplianceDocumentTemplate>;
1624
+ /**
1625
+ * Create a new compliance document template.
1626
+ *
1627
+ * @param attributes - Template attributes (title, content, framework, etc.).
1628
+ * @param options - Optional request options.
1629
+ * @returns The newly created `ComplianceDocumentTemplate`.
1630
+ *
1631
+ * @example
1632
+ * ```typescript
1633
+ * const template = await client.compliance.complianceDocumentTemplates.create({
1634
+ * title: 'HIPAA Privacy Policy Template',
1635
+ * framework: 'hipaa',
1636
+ * content: '# Privacy Policy\n...',
1637
+ * });
1638
+ * ```
1639
+ */
1640
+ create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<ComplianceDocumentTemplate>;
1641
+ /**
1642
+ * Update a compliance document template.
1643
+ *
1644
+ * @param id - The UUID of the template to update.
1645
+ * @param attributes - Attribute map of fields to change.
1646
+ * @param options - Optional request options.
1647
+ * @returns The updated `ComplianceDocumentTemplate`.
1648
+ *
1649
+ * @example
1650
+ * ```typescript
1651
+ * const template = await client.compliance.complianceDocumentTemplates.update(
1652
+ * 'tpl-uuid', { content: '# Updated Policy\n...' },
1653
+ * );
1654
+ * ```
1655
+ */
1656
+ update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<ComplianceDocumentTemplate>;
1657
+ /**
1658
+ * Clone a compliance document template into a new document.
1659
+ *
1660
+ * Creates a copy of the template that can be customized independently.
1661
+ *
1662
+ * @param attributes - Clone attributes (e.g., target workspace or overrides).
1663
+ * @param options - Optional request options.
1664
+ * @returns The cloned `ComplianceDocumentTemplate`.
1665
+ *
1666
+ * @example
1667
+ * ```typescript
1668
+ * const cloned = await client.compliance.complianceDocumentTemplates.clone({
1669
+ * source_template_id: 'tpl-uuid',
1670
+ * title: 'Our HIPAA Privacy Policy',
1671
+ * });
1672
+ * ```
1673
+ */
1674
+ clone: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<ComplianceDocumentTemplate>;
1675
+ };
1676
+ /**
1677
+ * Business Associate Agreements — HIPAA BAA lifecycle management.
1678
+ *
1679
+ * HIPAA requires covered entities to execute BAAs with business associates
1680
+ * who handle PHI. Track agreements through creation, signing, and
1681
+ * termination.
1682
+ */
1683
+ businessAssociateAgreements: {
1684
+ /**
1685
+ * List business associate agreements with optional pagination.
1686
+ *
1687
+ * @param options - Optional page number, page size, and request options.
1688
+ * @returns A page of `BusinessAssociateAgreement` records.
1689
+ *
1690
+ * @example
1691
+ * ```typescript
1692
+ * const baas = await client.compliance.businessAssociateAgreements.list();
1693
+ * ```
1694
+ */
1695
+ list: (options?: {
1696
+ page?: number;
1697
+ pageSize?: number;
1698
+ } & RequestOptions) => Promise<BusinessAssociateAgreement[]>;
1699
+ /**
1700
+ * Retrieve a single BAA by ID.
1701
+ *
1702
+ * @param id - The UUID of the BAA.
1703
+ * @param options - Optional request options.
1704
+ * @returns The matching `BusinessAssociateAgreement`.
1705
+ *
1706
+ * @example
1707
+ * ```typescript
1708
+ * const baa = await client.compliance.businessAssociateAgreements.get('baa-uuid');
1709
+ * ```
1710
+ */
1711
+ get: (id: string, options?: RequestOptions) => Promise<BusinessAssociateAgreement>;
1712
+ /**
1713
+ * Create a new business associate agreement.
1714
+ *
1715
+ * @param attributes - BAA attributes (associate name, terms, effective date, etc.).
1716
+ * @param options - Optional request options.
1717
+ * @returns The newly created `BusinessAssociateAgreement`.
1718
+ *
1719
+ * @example
1720
+ * ```typescript
1721
+ * const baa = await client.compliance.businessAssociateAgreements.create({
1722
+ * associate_name: 'Cloud Storage Inc.',
1723
+ * effective_date: '2026-01-01',
1724
+ * });
1725
+ * ```
1726
+ */
1727
+ create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<BusinessAssociateAgreement>;
1728
+ /**
1729
+ * Update a business associate agreement.
1730
+ *
1731
+ * @param id - The UUID of the BAA to update.
1732
+ * @param attributes - Attribute map of fields to change.
1733
+ * @param options - Optional request options.
1734
+ * @returns The updated `BusinessAssociateAgreement`.
1735
+ *
1736
+ * @example
1737
+ * ```typescript
1738
+ * const baa = await client.compliance.businessAssociateAgreements.update(
1739
+ * 'baa-uuid', { terms: 'Updated terms...' },
1740
+ * );
1741
+ * ```
1742
+ */
1743
+ update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<BusinessAssociateAgreement>;
1744
+ /**
1745
+ * Sign a business associate agreement.
1746
+ *
1747
+ * Records the signing event with timestamp and signer identity.
1748
+ *
1749
+ * @param id - The UUID of the BAA to sign.
1750
+ * @param attributes - Optional signing attributes.
1751
+ * @param options - Optional request options.
1752
+ * @returns The updated `BusinessAssociateAgreement` with signed status.
1753
+ *
1754
+ * @example
1755
+ * ```typescript
1756
+ * const baa = await client.compliance.businessAssociateAgreements.sign('baa-uuid');
1757
+ * ```
1758
+ */
1759
+ sign: (id: string, attributes?: Record<string, unknown>, options?: RequestOptions) => Promise<BusinessAssociateAgreement>;
1760
+ /**
1761
+ * Terminate a business associate agreement.
1762
+ *
1763
+ * Ends the BAA relationship. Records termination date and reason.
1764
+ *
1765
+ * @param id - The UUID of the BAA to terminate.
1766
+ * @param attributes - Optional termination attributes (reason, effective date).
1767
+ * @param options - Optional request options.
1768
+ * @returns The updated `BusinessAssociateAgreement` with terminated status.
1769
+ *
1770
+ * @example
1771
+ * ```typescript
1772
+ * const baa = await client.compliance.businessAssociateAgreements.terminate(
1773
+ * 'baa-uuid', { reason: 'Contract not renewed.' },
1774
+ * );
1775
+ * ```
1776
+ */
1777
+ terminate: (id: string, attributes?: Record<string, unknown>, options?: RequestOptions) => Promise<BusinessAssociateAgreement>;
1778
+ };
1779
+ /**
1780
+ * Policy Review Schedules — track periodic policy review cycles.
1781
+ *
1782
+ * Regulatory frameworks require periodic review of compliance policies.
1783
+ * Schedules track when reviews are due, overdue, or completed.
1784
+ */
1785
+ policyReviewSchedules: {
1786
+ /**
1787
+ * List policy review schedules with optional pagination.
1788
+ *
1789
+ * @param options - Optional page number, page size, and request options.
1790
+ * @returns A page of `PolicyReviewSchedule` records.
1791
+ *
1792
+ * @example
1793
+ * ```typescript
1794
+ * const schedules = await client.compliance.policyReviewSchedules.list();
1795
+ * ```
1796
+ */
1797
+ list: (options?: {
1798
+ page?: number;
1799
+ pageSize?: number;
1800
+ } & RequestOptions) => Promise<PolicyReviewSchedule[]>;
1801
+ /**
1802
+ * Retrieve a single policy review schedule by ID.
1803
+ *
1804
+ * @param id - The UUID of the policy review schedule.
1805
+ * @param options - Optional request options.
1806
+ * @returns The matching `PolicyReviewSchedule`.
1807
+ *
1808
+ * @example
1809
+ * ```typescript
1810
+ * const schedule = await client.compliance.policyReviewSchedules.get('prs-uuid');
1811
+ * ```
1812
+ */
1813
+ get: (id: string, options?: RequestOptions) => Promise<PolicyReviewSchedule>;
1814
+ /**
1815
+ * Create a new policy review schedule.
1816
+ *
1817
+ * @param attributes - Schedule attributes (policy reference, frequency, next review date).
1818
+ * @param options - Optional request options.
1819
+ * @returns The newly created `PolicyReviewSchedule`.
1820
+ *
1821
+ * @example
1822
+ * ```typescript
1823
+ * const schedule = await client.compliance.policyReviewSchedules.create({
1824
+ * policy_name: 'Data Retention Policy',
1825
+ * review_frequency_days: 365,
1826
+ * next_review_date: '2027-01-01',
1827
+ * });
1828
+ * ```
1829
+ */
1830
+ create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<PolicyReviewSchedule>;
1831
+ /**
1832
+ * Mark a policy review as completed.
1833
+ *
1834
+ * @param id - The UUID of the policy review schedule.
1835
+ * @param attributes - Optional completion attributes (reviewer, notes).
1836
+ * @param options - Optional request options.
1837
+ * @returns The updated `PolicyReviewSchedule`.
1838
+ *
1839
+ * @example
1840
+ * ```typescript
1841
+ * const schedule = await client.compliance.policyReviewSchedules.completeReview(
1842
+ * 'prs-uuid', { reviewer: 'compliance-officer-uuid' },
1843
+ * );
1844
+ * ```
1845
+ */
1846
+ completeReview: (id: string, attributes?: Record<string, unknown>, options?: RequestOptions) => Promise<PolicyReviewSchedule>;
1847
+ /**
1848
+ * Mark a policy review schedule as due.
1849
+ *
1850
+ * @param id - The UUID of the policy review schedule.
1851
+ * @param attributes - Optional attributes.
1852
+ * @param options - Optional request options.
1853
+ * @returns The updated `PolicyReviewSchedule`.
1854
+ *
1855
+ * @example
1856
+ * ```typescript
1857
+ * const schedule = await client.compliance.policyReviewSchedules.markDue('prs-uuid');
1858
+ * ```
1859
+ */
1860
+ markDue: (id: string, attributes?: Record<string, unknown>, options?: RequestOptions) => Promise<PolicyReviewSchedule>;
1861
+ /**
1862
+ * Mark a policy review schedule as overdue.
1863
+ *
1864
+ * @param id - The UUID of the policy review schedule.
1865
+ * @param attributes - Optional attributes.
1866
+ * @param options - Optional request options.
1867
+ * @returns The updated `PolicyReviewSchedule`.
1868
+ *
1869
+ * @example
1870
+ * ```typescript
1871
+ * const schedule = await client.compliance.policyReviewSchedules.markOverdue('prs-uuid');
1872
+ * ```
1873
+ */
1874
+ markOverdue: (id: string, attributes?: Record<string, unknown>, options?: RequestOptions) => Promise<PolicyReviewSchedule>;
1875
+ };
1876
+ /**
1877
+ * Compliance Requirements — regulatory requirements tracking.
1878
+ *
1879
+ * Track individual requirements from regulatory frameworks (HIPAA, GDPR,
1880
+ * PCI DSS, SOC 2). Each requirement can be created, updated with
1881
+ * implementation status, and deleted when no longer applicable.
1882
+ */
1883
+ complianceRequirements: {
1884
+ /**
1885
+ * List compliance requirements with optional pagination.
1886
+ *
1887
+ * @param options - Optional page number, page size, and request options.
1888
+ * @returns A page of `ComplianceRequirement` records.
1889
+ *
1890
+ * @example
1891
+ * ```typescript
1892
+ * const requirements = await client.compliance.complianceRequirements.list();
1893
+ * ```
1894
+ */
1895
+ list: (options?: {
1896
+ page?: number;
1897
+ pageSize?: number;
1898
+ } & RequestOptions) => Promise<ComplianceRequirement[]>;
1899
+ /**
1900
+ * Retrieve a single compliance requirement by ID.
1901
+ *
1902
+ * @param id - The UUID of the compliance requirement.
1903
+ * @param options - Optional request options.
1904
+ * @returns The matching `ComplianceRequirement`.
1905
+ *
1906
+ * @example
1907
+ * ```typescript
1908
+ * const req = await client.compliance.complianceRequirements.get('cr-uuid');
1909
+ * ```
1910
+ */
1911
+ get: (id: string, options?: RequestOptions) => Promise<ComplianceRequirement>;
1912
+ /**
1913
+ * Create a new compliance requirement.
1914
+ *
1915
+ * @param attributes - Requirement attributes (framework, control ID, description, etc.).
1916
+ * @param options - Optional request options.
1917
+ * @returns The newly created `ComplianceRequirement`.
1918
+ *
1919
+ * @example
1920
+ * ```typescript
1921
+ * const req = await client.compliance.complianceRequirements.create({
1922
+ * framework: 'hipaa',
1923
+ * control_id: '164.312(a)(1)',
1924
+ * description: 'Access Control — Unique User Identification',
1925
+ * });
1926
+ * ```
1927
+ */
1928
+ create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<ComplianceRequirement>;
1929
+ /**
1930
+ * Update a compliance requirement.
1931
+ *
1932
+ * @param id - The UUID of the compliance requirement to update.
1933
+ * @param attributes - Attribute map of fields to change.
1934
+ * @param options - Optional request options.
1935
+ * @returns The updated `ComplianceRequirement`.
1936
+ *
1937
+ * @example
1938
+ * ```typescript
1939
+ * const req = await client.compliance.complianceRequirements.update(
1940
+ * 'cr-uuid', { status: 'implemented' },
1941
+ * );
1942
+ * ```
1943
+ */
1944
+ update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<ComplianceRequirement>;
1945
+ /**
1946
+ * Delete a compliance requirement.
1947
+ *
1948
+ * @param id - The UUID of the compliance requirement to delete.
1949
+ * @param options - Optional request options.
1950
+ * @returns `true` on successful deletion.
1951
+ *
1952
+ * @example
1953
+ * ```typescript
1954
+ * await client.compliance.complianceRequirements.delete('cr-uuid');
1955
+ * ```
1956
+ */
1957
+ delete: (id: string, options?: RequestOptions) => Promise<true>;
1958
+ };
1959
+ /**
1960
+ * Compliance Requirement Completions — evidence of requirement fulfillment.
1961
+ *
1962
+ * Each completion record links a compliance requirement to the evidence
1963
+ * or action that satisfies it. Read-only once created — completions
1964
+ * serve as an immutable audit trail.
1965
+ */
1966
+ complianceRequirementCompletions: {
1967
+ /**
1968
+ * List compliance requirement completions with optional pagination.
1969
+ *
1970
+ * @param options - Optional page number, page size, and request options.
1971
+ * @returns A page of `ComplianceRequirementCompletion` records.
1972
+ *
1973
+ * @example
1974
+ * ```typescript
1975
+ * const completions = await client.compliance.complianceRequirementCompletions.list();
1976
+ * ```
1977
+ */
1978
+ list: (options?: {
1979
+ page?: number;
1980
+ pageSize?: number;
1981
+ } & RequestOptions) => Promise<ComplianceRequirementCompletion[]>;
1982
+ /**
1983
+ * Retrieve a single compliance requirement completion by ID.
1984
+ *
1985
+ * @param id - The UUID of the completion record.
1986
+ * @param options - Optional request options.
1987
+ * @returns The matching `ComplianceRequirementCompletion`.
1988
+ *
1989
+ * @example
1990
+ * ```typescript
1991
+ * const completion = await client.compliance.complianceRequirementCompletions.get('crc-uuid');
1992
+ * ```
1993
+ */
1994
+ get: (id: string, options?: RequestOptions) => Promise<ComplianceRequirementCompletion>;
1995
+ /**
1996
+ * Create a new compliance requirement completion record.
1997
+ *
1998
+ * @param attributes - Completion attributes (requirement ID, evidence, completed by, etc.).
1999
+ * @param options - Optional request options.
2000
+ * @returns The newly created `ComplianceRequirementCompletion`.
2001
+ *
2002
+ * @example
2003
+ * ```typescript
2004
+ * const completion = await client.compliance.complianceRequirementCompletions.create({
2005
+ * compliance_requirement_id: 'cr-uuid',
2006
+ * evidence: 'Access controls verified via penetration test report.',
2007
+ * });
2008
+ * ```
2009
+ */
2010
+ create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<ComplianceRequirementCompletion>;
2011
+ };
2012
+ /**
2013
+ * Compliance Officer Designations — track designated compliance officers.
2014
+ *
2015
+ * Regulatory frameworks require organizations to designate compliance
2016
+ * officers (e.g., HIPAA Privacy Officer, DPO under GDPR). Designations
2017
+ * can be created and revoked.
2018
+ */
2019
+ complianceOfficerDesignations: {
2020
+ /**
2021
+ * List compliance officer designations with optional pagination.
2022
+ *
2023
+ * @param options - Optional page number, page size, and request options.
2024
+ * @returns A page of `ComplianceOfficerDesignation` records.
2025
+ *
2026
+ * @example
2027
+ * ```typescript
2028
+ * const designations = await client.compliance.complianceOfficerDesignations.list();
2029
+ * ```
2030
+ */
2031
+ list: (options?: {
2032
+ page?: number;
2033
+ pageSize?: number;
2034
+ } & RequestOptions) => Promise<ComplianceOfficerDesignation[]>;
2035
+ /**
2036
+ * Retrieve a single compliance officer designation by ID.
2037
+ *
2038
+ * @param id - The UUID of the designation.
2039
+ * @param options - Optional request options.
2040
+ * @returns The matching `ComplianceOfficerDesignation`.
2041
+ *
2042
+ * @example
2043
+ * ```typescript
2044
+ * const designation = await client.compliance.complianceOfficerDesignations.get('cod-uuid');
2045
+ * ```
2046
+ */
2047
+ get: (id: string, options?: RequestOptions) => Promise<ComplianceOfficerDesignation>;
2048
+ /**
2049
+ * Create a new compliance officer designation.
2050
+ *
2051
+ * @param attributes - Designation attributes (user ID, role, framework, effective date).
2052
+ * @param options - Optional request options.
2053
+ * @returns The newly created `ComplianceOfficerDesignation`.
2054
+ *
2055
+ * @example
2056
+ * ```typescript
2057
+ * const designation = await client.compliance.complianceOfficerDesignations.create({
2058
+ * user_id: 'user-uuid',
2059
+ * role: 'privacy_officer',
2060
+ * framework: 'hipaa',
2061
+ * });
2062
+ * ```
2063
+ */
2064
+ create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<ComplianceOfficerDesignation>;
2065
+ /**
2066
+ * Revoke a compliance officer designation.
2067
+ *
2068
+ * @param id - The UUID of the designation to revoke.
2069
+ * @param attributes - Optional revocation attributes (reason, effective date).
2070
+ * @param options - Optional request options.
2071
+ * @returns The updated `ComplianceOfficerDesignation` with revoked status.
2072
+ *
2073
+ * @example
2074
+ * ```typescript
2075
+ * const designation = await client.compliance.complianceOfficerDesignations.revoke(
2076
+ * 'cod-uuid', { reason: 'Role reassigned.' },
2077
+ * );
2078
+ * ```
2079
+ */
2080
+ revoke: (id: string, attributes?: Record<string, unknown>, options?: RequestOptions) => Promise<ComplianceOfficerDesignation>;
2081
+ };
2082
+ /**
2083
+ * ePHI Assets — electronic Protected Health Information asset inventory.
2084
+ *
2085
+ * HIPAA requires covered entities to maintain an inventory of systems
2086
+ * and locations where ePHI is created, received, maintained, or
2087
+ * transmitted. Each asset record documents one such system.
2088
+ */
2089
+ ephiAssets: {
2090
+ /**
2091
+ * List ePHI assets with optional pagination.
2092
+ *
2093
+ * @param options - Optional page number, page size, and request options.
2094
+ * @returns A page of `EphiAsset` records.
2095
+ *
2096
+ * @example
2097
+ * ```typescript
2098
+ * const assets = await client.compliance.ephiAssets.list();
2099
+ * ```
2100
+ */
2101
+ list: (options?: {
2102
+ page?: number;
2103
+ pageSize?: number;
2104
+ } & RequestOptions) => Promise<EphiAsset[]>;
2105
+ /**
2106
+ * Retrieve a single ePHI asset by ID.
2107
+ *
2108
+ * @param id - The UUID of the ePHI asset.
2109
+ * @param options - Optional request options.
2110
+ * @returns The matching `EphiAsset`.
2111
+ *
2112
+ * @example
2113
+ * ```typescript
2114
+ * const asset = await client.compliance.ephiAssets.get('ea-uuid');
2115
+ * ```
2116
+ */
2117
+ get: (id: string, options?: RequestOptions) => Promise<EphiAsset>;
2118
+ /**
2119
+ * Create a new ePHI asset record.
2120
+ *
2121
+ * @param attributes - Asset attributes (name, type, location, custodian, etc.).
2122
+ * @param options - Optional request options.
2123
+ * @returns The newly created `EphiAsset`.
2124
+ *
2125
+ * @example
2126
+ * ```typescript
2127
+ * const asset = await client.compliance.ephiAssets.create({
2128
+ * name: 'Patient Records Database',
2129
+ * asset_type: 'database',
2130
+ * location: 'us-east-1',
2131
+ * });
2132
+ * ```
2133
+ */
2134
+ create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<EphiAsset>;
2135
+ /**
2136
+ * Update an ePHI asset record.
2137
+ *
2138
+ * @param id - The UUID of the ePHI asset to update.
2139
+ * @param attributes - Attribute map of fields to change.
2140
+ * @param options - Optional request options.
2141
+ * @returns The updated `EphiAsset`.
2142
+ *
2143
+ * @example
2144
+ * ```typescript
2145
+ * const asset = await client.compliance.ephiAssets.update(
2146
+ * 'ea-uuid', { custodian: 'new-admin-uuid' },
2147
+ * );
2148
+ * ```
2149
+ */
2150
+ update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<EphiAsset>;
2151
+ };
2152
+ /**
2153
+ * ePHI Data Flows — document how ePHI moves between systems.
2154
+ *
2155
+ * HIPAA requires understanding how ePHI flows between systems, people,
2156
+ * and organizations. Each data flow record documents one movement path,
2157
+ * including source, destination, and safeguards.
2158
+ */
2159
+ ephiDataFlows: {
2160
+ /**
2161
+ * List ePHI data flows with optional pagination.
2162
+ *
2163
+ * @param options - Optional page number, page size, and request options.
2164
+ * @returns A page of `EphiDataFlow` records.
2165
+ *
2166
+ * @example
2167
+ * ```typescript
2168
+ * const flows = await client.compliance.ephiDataFlows.list();
2169
+ * ```
2170
+ */
2171
+ list: (options?: {
2172
+ page?: number;
2173
+ pageSize?: number;
2174
+ } & RequestOptions) => Promise<EphiDataFlow[]>;
2175
+ /**
2176
+ * Retrieve a single ePHI data flow by ID.
2177
+ *
2178
+ * @param id - The UUID of the ePHI data flow.
2179
+ * @param options - Optional request options.
2180
+ * @returns The matching `EphiDataFlow`.
2181
+ *
2182
+ * @example
2183
+ * ```typescript
2184
+ * const flow = await client.compliance.ephiDataFlows.get('edf-uuid');
2185
+ * ```
2186
+ */
2187
+ get: (id: string, options?: RequestOptions) => Promise<EphiDataFlow>;
2188
+ /**
2189
+ * Create a new ePHI data flow record.
2190
+ *
2191
+ * @param attributes - Data flow attributes (source, destination, data types, encryption, etc.).
2192
+ * @param options - Optional request options.
2193
+ * @returns The newly created `EphiDataFlow`.
2194
+ *
2195
+ * @example
2196
+ * ```typescript
2197
+ * const flow = await client.compliance.ephiDataFlows.create({
2198
+ * source_asset_id: 'ea-source-uuid',
2199
+ * destination_asset_id: 'ea-dest-uuid',
2200
+ * data_types: ['patient_records'],
2201
+ * encryption: 'tls_1_3',
2202
+ * });
2203
+ * ```
2204
+ */
2205
+ create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<EphiDataFlow>;
2206
+ /**
2207
+ * Update an ePHI data flow record.
2208
+ *
2209
+ * @param id - The UUID of the ePHI data flow to update.
2210
+ * @param attributes - Attribute map of fields to change.
2211
+ * @param options - Optional request options.
2212
+ * @returns The updated `EphiDataFlow`.
2213
+ *
2214
+ * @example
2215
+ * ```typescript
2216
+ * const flow = await client.compliance.ephiDataFlows.update(
2217
+ * 'edf-uuid', { encryption: 'aes_256' },
2218
+ * );
2219
+ * ```
2220
+ */
2221
+ update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<EphiDataFlow>;
2222
+ };
2223
+ /**
2224
+ * Breach Notification Artifacts — regulatory notification documents.
2225
+ *
2226
+ * When a breach requires notification to authorities or individuals,
2227
+ * artifacts capture the notification letters, forms, and evidence
2228
+ * packages. Artifacts can be drafted, updated, and sent.
2229
+ */
2230
+ breachNotificationArtifacts: {
2231
+ /**
2232
+ * List breach notification artifacts with optional pagination.
2233
+ *
2234
+ * @param options - Optional page number, page size, and request options.
2235
+ * @returns A page of `BreachNotificationArtifact` records.
2236
+ *
2237
+ * @example
2238
+ * ```typescript
2239
+ * const artifacts = await client.compliance.breachNotificationArtifacts.list();
2240
+ * ```
2241
+ */
2242
+ list: (options?: {
2243
+ page?: number;
2244
+ pageSize?: number;
2245
+ } & RequestOptions) => Promise<BreachNotificationArtifact[]>;
2246
+ /**
2247
+ * Retrieve a single breach notification artifact by ID.
2248
+ *
2249
+ * @param id - The UUID of the artifact.
2250
+ * @param options - Optional request options.
2251
+ * @returns The matching `BreachNotificationArtifact`.
2252
+ *
2253
+ * @example
2254
+ * ```typescript
2255
+ * const artifact = await client.compliance.breachNotificationArtifacts.get('bna-uuid');
2256
+ * ```
2257
+ */
2258
+ get: (id: string, options?: RequestOptions) => Promise<BreachNotificationArtifact>;
2259
+ /**
2260
+ * Create a new breach notification artifact.
2261
+ *
2262
+ * @param attributes - Artifact attributes (breach ID, type, content, recipients).
2263
+ * @param options - Optional request options.
2264
+ * @returns The newly created `BreachNotificationArtifact`.
2265
+ *
2266
+ * @example
2267
+ * ```typescript
2268
+ * const artifact = await client.compliance.breachNotificationArtifacts.create({
2269
+ * breach_incident_id: 'bi-uuid',
2270
+ * artifact_type: 'notification_letter',
2271
+ * content: 'Dear affected individual...',
2272
+ * });
2273
+ * ```
2274
+ */
2275
+ create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<BreachNotificationArtifact>;
2276
+ /**
2277
+ * Update a breach notification artifact.
2278
+ *
2279
+ * @param id - The UUID of the artifact to update.
2280
+ * @param attributes - Attribute map of fields to change.
2281
+ * @param options - Optional request options.
2282
+ * @returns The updated `BreachNotificationArtifact`.
2283
+ *
2284
+ * @example
2285
+ * ```typescript
2286
+ * const artifact = await client.compliance.breachNotificationArtifacts.update(
2287
+ * 'bna-uuid', { content: 'Revised notification...' },
2288
+ * );
2289
+ * ```
2290
+ */
2291
+ update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<BreachNotificationArtifact>;
2292
+ /**
2293
+ * Send a breach notification artifact to its recipients.
2294
+ *
2295
+ * Triggers delivery of the notification and records the send event.
2296
+ *
2297
+ * @param id - The UUID of the artifact to send.
2298
+ * @param attributes - Optional send attributes (delivery method, etc.).
2299
+ * @param options - Optional request options.
2300
+ * @returns The updated `BreachNotificationArtifact` with sent status.
2301
+ *
2302
+ * @example
2303
+ * ```typescript
2304
+ * const artifact = await client.compliance.breachNotificationArtifacts.send('bna-uuid');
2305
+ * ```
2306
+ */
2307
+ send: (id: string, attributes?: Record<string, unknown>, options?: RequestOptions) => Promise<BreachNotificationArtifact>;
2308
+ };
2309
+ };
2310
+ //# sourceMappingURL=compliance.d.ts.map