@tantainnovative/ndpr-toolkit 1.0.9 → 2.1.0

package/dist/breach-BpSBPrdk.d.ts

@@ -0,0 +1,185 @@
+/**
+ * Breach notification types aligned with NDPA 2023 Section 40
+ * Data controllers must notify the NDPC within 72 hours of becoming aware of a breach
+ * Data subjects must be notified without undue delay when breach is likely to result in high risk
+ */
+/**
+ * Represents a data breach category
+ */
+interface BreachCategory {
+    /** Unique identifier for the category */
+    id: string;
+    /** Display name for the category */
+    name: string;
+    /** Description of this breach category */
+    description: string;
+    /** Default severity level for this category */
+    defaultSeverity: 'low' | 'medium' | 'high' | 'critical';
+}
+/**
+ * Represents a data breach report
+ */
+interface BreachReport {
+    /** Unique identifier for the breach report */
+    id: string;
+    /** Title/summary of the breach */
+    title: string;
+    /** Detailed description of the breach */
+    description: string;
+    /** Category of the breach */
+    category: string;
+    /** Timestamp when the breach was discovered */
+    discoveredAt: number;
+    /** Timestamp when the breach occurred (if known) */
+    occurredAt?: number;
+    /** Timestamp when the breach was reported internally */
+    reportedAt: number;
+    /** Person who reported the breach */
+    reporter: {
+        name: string;
+        email: string;
+        department: string;
+        phone?: string;
+    };
+    /** Systems or data affected by the breach */
+    affectedSystems: string[];
+    /** Types of data involved in the breach */
+    dataTypes: string[];
+    /** Whether sensitive personal data is involved (NDPA Section 30) */
+    involvesSensitiveData?: boolean;
+    /** Estimated number of data subjects affected */
+    estimatedAffectedSubjects?: number;
+    /** Whether the breach is ongoing or contained */
+    status: 'ongoing' | 'contained' | 'resolved';
+    /** Initial actions taken to address the breach */
+    initialActions?: string;
+    /** Attachments related to the breach */
+    attachments?: Array<{
+        id: string;
+        name: string;
+        type: string;
+        url: string;
+        addedAt: number;
+    }>;
+}
+/**
+ * Represents a risk assessment for a data breach
+ */
+interface RiskAssessment {
+    /** Unique identifier for the risk assessment */
+    id: string;
+    /** ID of the breach this assessment is for */
+    breachId: string;
+    /** Timestamp when the assessment was conducted */
+    assessedAt: number;
+    /** Person who conducted the assessment */
+    assessor: {
+        name: string;
+        role: string;
+        email: string;
+    };
+    /** Confidentiality impact (1-5) */
+    confidentialityImpact: number;
+    /** Integrity impact (1-5) */
+    integrityImpact: number;
+    /** Availability impact (1-5) */
+    availabilityImpact: number;
+    /** Likelihood of harm to data subjects (1-5) */
+    harmLikelihood: number;
+    /** Severity of potential harm to data subjects (1-5) */
+    harmSeverity: number;
+    /** Overall risk score */
+    overallRiskScore: number;
+    /** Risk level based on the overall score */
+    riskLevel: 'low' | 'medium' | 'high' | 'critical';
+    /** Whether the breach is likely to result in a risk to rights and freedoms */
+    risksToRightsAndFreedoms: boolean;
+    /** Whether the breach is likely to result in a high risk to rights and freedoms */
+    highRisksToRightsAndFreedoms: boolean;
+    /** Justification for the risk assessment */
+    justification: string;
+}
+/**
+ * Represents notification requirements for a data breach per NDPA Section 40
+ */
+interface NotificationRequirement {
+    /**
+     * Whether NDPC notification is required
+     * Per NDPA Section 40, notification to NDPC is required for all breaches
+     * that pose a risk to data subjects' rights and freedoms
+     */
+    ndpcNotificationRequired: boolean;
+    /**
+     * Deadline for NDPC notification (72 hours from discovery)
+     * NDPA Section 40(1)
+     */
+    ndpcNotificationDeadline: number;
+    /**
+     * Whether data subject notification is required
+     * Per NDPA Section 40(4), required when breach is likely to result in
+     * high risk to rights and freedoms of data subjects
+     */
+    dataSubjectNotificationRequired: boolean;
+    /** Justification for the notification decision */
+    justification: string;
+    /**
+     * @deprecated Use ndpcNotificationRequired instead. Kept for backward compatibility.
+     */
+    nitdaNotificationRequired?: boolean;
+    /**
+     * @deprecated Use ndpcNotificationDeadline instead. Kept for backward compatibility.
+     */
+    nitdaNotificationDeadline?: number;
+}
+/**
+ * Represents a notification sent to the NDPC (Nigeria Data Protection Commission)
+ */
+interface RegulatoryNotification {
+    /** Unique identifier for the notification */
+    id: string;
+    /** ID of the breach this notification is for */
+    breachId: string;
+    /** Timestamp when the notification was sent */
+    sentAt: number;
+    /** Method used to send the notification */
+    method: 'email' | 'portal' | 'letter' | 'other';
+    /** Reference number assigned by the NDPC (if available) */
+    referenceNumber?: string;
+    /** Contact person at the NDPC */
+    ndpcContact?: {
+        name: string;
+        email: string;
+        phone?: string;
+    };
+    /** Content of the notification */
+    content: string;
+    /** Attachments included with the notification */
+    attachments?: Array<{
+        id: string;
+        name: string;
+        type: string;
+        url: string;
+    }>;
+    /** Follow-up communications with the NDPC */
+    followUps?: Array<{
+        timestamp: number;
+        direction: 'sent' | 'received';
+        content: string;
+        attachments?: Array<{
+            id: string;
+            name: string;
+            type: string;
+            url: string;
+        }>;
+    }>;
+    /**
+     * @deprecated Use ndpcContact instead. Kept for backward compatibility.
+     */
+    nitdaContact?: {
+        name: string;
+        email: string;
+        phone?: string;
+    };
+}
+
+export type { BreachReport as B, NotificationRequirement as N, RiskAssessment as R, BreachCategory as a, RegulatoryNotification as b };

package/dist/breach-D5zJYNph.d.mts

@@ -0,0 +1,17 @@
+import { B as BreachReport, R as RiskAssessment } from './breach-BpSBPrdk.mjs';
+
+/**
+ * Calculates the severity of a data breach based on various factors
+ * @param report The breach report
+ * @param assessment The risk assessment (if available)
+ * @returns The calculated severity and notification requirements
+ */
+declare function calculateBreachSeverity(report: BreachReport, assessment?: RiskAssessment): {
+    severityLevel: 'low' | 'medium' | 'high' | 'critical';
+    notificationRequired: boolean;
+    urgentNotificationRequired: boolean;
+    timeframeHours: number;
+    justification: string;
+};
+
+export { calculateBreachSeverity as c };

package/dist/breach-D7NgrdMX.d.ts

@@ -0,0 +1,17 @@
+import { B as BreachReport, R as RiskAssessment } from './breach-BpSBPrdk.js';
+
+/**
+ * Calculates the severity of a data breach based on various factors
+ * @param report The breach report
+ * @param assessment The risk assessment (if available)
+ * @returns The calculated severity and notification requirements
+ */
+declare function calculateBreachSeverity(report: BreachReport, assessment?: RiskAssessment): {
+    severityLevel: 'low' | 'medium' | 'high' | 'critical';
+    notificationRequired: boolean;
+    urgentNotificationRequired: boolean;
+    timeframeHours: number;
+    justification: string;
+};
+
+export { calculateBreachSeverity as c };

package/dist/breach.d.mts

@@ -0,0 +1,275 @@
+import React from 'react';
+import { a as BreachCategory, B as BreachReport, R as RiskAssessment, b as RegulatoryNotification } from './breach-BpSBPrdk.mjs';
+export { N as NotificationRequirement } from './breach-BpSBPrdk.mjs';
+export { u as useBreach } from './useBreach-DRKnexsk.mjs';
+export { c as calculateBreachSeverity } from './breach-D5zJYNph.mjs';
+
+interface BreachReportFormProps {
+    /**
+     * Available breach categories
+     */
+    categories: BreachCategory[];
+    /**
+     * Callback function called when form is submitted
+     */
+    onSubmit: (formData: any) => void;
+    /**
+     * Title displayed on the form
+     * @default "Report a Data Breach"
+     */
+    title?: string;
+    /**
+     * Description text displayed on the form
+     * @default "Use this form to report a suspected or confirmed data breach. All fields marked with * are required."
+     */
+    formDescription?: string;
+    /**
+     * Text for the submit button
+     * @default "Submit Report"
+     */
+    submitButtonText?: string;
+    /**
+     * Custom CSS class for the form
+     */
+    className?: string;
+    /**
+     * Custom CSS class for the submit button
+     */
+    buttonClassName?: string;
+    /**
+     * Whether to show a confirmation message after submission
+     * @default true
+     */
+    showConfirmation?: boolean;
+    /**
+     * Confirmation message to display after submission
+     * @default "Your breach report has been submitted successfully. The data protection team has been notified."
+     */
+    confirmationMessage?: string;
+    /**
+     * Whether to allow file attachments
+     * @default true
+     */
+    allowAttachments?: boolean;
+    /**
+     * Maximum number of attachments allowed
+     * @default 5
+     */
+    maxAttachments?: number;
+    /**
+     * Maximum file size for attachments (in bytes)
+     * @default 5242880 (5MB)
+     */
+    maxFileSize?: number;
+    /**
+     * Allowed file types for attachments
+     * @default ['.pdf', '.jpg', '.jpeg', '.png', '.doc', '.docx', '.xls', '.xlsx', '.txt']
+     */
+    allowedFileTypes?: string[];
+}
+declare const BreachReportForm: React.FC<BreachReportFormProps>;
+
+interface BreachRiskAssessmentProps {
+    /**
+     * The breach data to assess
+     */
+    breachData: BreachReport;
+    /**
+     * Initial assessment data (if editing an existing assessment)
+     */
+    initialAssessment?: Partial<RiskAssessment>;
+    /**
+     * Callback function called when assessment is completed
+     */
+    onComplete: (assessment: RiskAssessment) => void;
+    /**
+     * Title displayed on the assessment form
+     * @default "Breach Risk Assessment"
+     */
+    title?: string;
+    /**
+     * Description text displayed on the assessment form
+     * @default "Assess the risk level of this data breach to determine notification requirements."
+     */
+    description?: string;
+    /**
+     * Text for the submit button
+     * @default "Complete Assessment"
+     */
+    submitButtonText?: string;
+    /**
+     * Custom CSS class for the form
+     */
+    className?: string;
+    /**
+     * Custom CSS class for the submit button
+     */
+    buttonClassName?: string;
+    /**
+     * Whether to show the breach summary
+     * @default true
+     */
+    showBreachSummary?: boolean;
+    /**
+     * Whether to show notification requirements after assessment
+     * @default true
+     */
+    showNotificationRequirements?: boolean;
+}
+declare const BreachRiskAssessment: React.FC<BreachRiskAssessmentProps>;
+
+interface BreachNotificationManagerProps {
+    /**
+     * List of breach reports to manage
+     */
+    breachReports: BreachReport[];
+    /**
+     * List of risk assessments
+     */
+    riskAssessments: RiskAssessment[];
+    /**
+     * List of regulatory notifications
+     */
+    regulatoryNotifications: RegulatoryNotification[];
+    /**
+     * Callback function called when a breach is selected
+     */
+    onSelectBreach?: (breachId: string) => void;
+    /**
+     * Callback function called when a risk assessment is requested
+     */
+    onRequestAssessment?: (breachId: string) => void;
+    /**
+     * Callback function called when a notification is requested
+     */
+    onRequestNotification?: (breachId: string) => void;
+    /**
+     * Title displayed on the manager
+     * @default "Breach Notification Manager"
+     */
+    title?: string;
+    /**
+     * Description text displayed on the manager
+     * @default "Manage data breach notifications and track compliance with NDPA requirements."
+     */
+    description?: string;
+    /**
+     * Custom CSS class for the manager
+     */
+    className?: string;
+    /**
+     * Custom CSS class for the buttons
+     */
+    buttonClassName?: string;
+    /**
+     * Whether to show the breach details
+     * @default true
+     */
+    showBreachDetails?: boolean;
+    /**
+     * Whether to show the notification timeline
+     * @default true
+     */
+    showNotificationTimeline?: boolean;
+    /**
+     * Whether to show the deadline alerts
+     * @default true
+     */
+    showDeadlineAlerts?: boolean;
+}
+declare const BreachNotificationManager: React.FC<BreachNotificationManagerProps>;
+
+interface OrganizationInfo {
+    /**
+     * Name of the organization
+     */
+    name: string;
+    /**
+     * Registration number or business ID
+     */
+    registrationNumber?: string;
+    /**
+     * Physical address of the organization
+     */
+    address: string;
+    /**
+     * Website URL
+     */
+    website?: string;
+    /**
+     * Name of the Data Protection Officer
+     */
+    dpoName: string;
+    /**
+     * Email of the Data Protection Officer
+     */
+    dpoEmail: string;
+    /**
+     * Phone number of the Data Protection Officer
+     */
+    dpoPhone?: string;
+}
+interface RegulatoryReportGeneratorProps {
+    /**
+     * The breach data to include in the report
+     */
+    breachData: BreachReport;
+    /**
+     * The risk assessment data
+     */
+    assessmentData?: RiskAssessment;
+    /**
+     * Organization information to include in the report
+     */
+    organizationInfo: OrganizationInfo;
+    /**
+     * Callback function called when the report is generated
+     */
+    onGenerate: (report: RegulatoryNotification) => void;
+    /**
+     * Title displayed on the generator form
+     * @default "Generate NDPC Notification Report"
+     */
+    title?: string;
+    /**
+     * Description text displayed on the generator form
+     * @default "Generate a report for submission to the NDPC in compliance with the NDPA breach notification requirements."
+     */
+    description?: string;
+    /**
+     * Text for the generate button
+     * @default "Generate Report"
+     */
+    generateButtonText?: string;
+    /**
+     * Custom CSS class for the form
+     */
+    className?: string;
+    /**
+     * Custom CSS class for the buttons
+     */
+    buttonClassName?: string;
+    /**
+     * Whether to show a preview of the generated report
+     * @default true
+     */
+    showPreview?: boolean;
+    /**
+     * Whether to allow editing the report content
+     * @default true
+     */
+    allowEditing?: boolean;
+    /**
+     * Whether to allow downloading the report
+     * @default true
+     */
+    allowDownload?: boolean;
+    /**
+     * Format for downloading the report
+     * @default "pdf"
+     */
+    downloadFormat?: 'pdf' | 'docx' | 'html';
+}
+declare const RegulatoryReportGenerator: React.FC<RegulatoryReportGeneratorProps>;
+
+export { BreachCategory, BreachNotificationManager, BreachReport, BreachReportForm, BreachRiskAssessment, RegulatoryNotification, RegulatoryReportGenerator, RiskAssessment };