{"total_standards":24,"by_status":{"certified":7,"architecture_compliant":6,"roadmap":11},"standards":[{"standard":"HIPAA Privacy & Security Rule","body":"HHS (US)","jurisdiction":"United States","status":"certified","relevance":"Core PHI protection — US federal law"},{"standard":"HL7 FHIR R4","body":"HL7 International","jurisdiction":"Global","status":"certified","relevance":"Universal interoperability standard — adopted in 40+ countries"},{"standard":"USCDI v3","body":"ONC (US)","jurisdiction":"United States","status":"certified","relevance":"Minimum health data set for US federal interoperability"},{"standard":"SMART on FHIR / OAuth 2.0","body":"HL7 / IETF","jurisdiction":"Global","status":"certified","relevance":"Secure app authorization — required for ONC §170.315(g)(10)"},{"standard":"21st Century Cures Act","body":"ONC (US)","jurisdiction":"United States","status":"certified","relevance":"Information blocking prohibition, patient data rights"},{"standard":"FDA DSCSA (Drug Provenance)","body":"FDA (US)","jurisdiction":"United States","status":"certified","relevance":"Drug supply chain traceability — 21 U.S.C. § 360eee"},{"standard":"E-SIGN Act / 21 CFR Part 11","body":"NIST / FDA","jurisdiction":"United States","status":"certified","relevance":"Electronic signatures — SHA-256 + blockchain timestamp"},{"standard":"GDPR","body":"European Commission","jurisdiction":"European Union","status":"architecture_compliant","relevance":"AES-256 encryption, patient key control, right to deletion — all built in"},{"standard":"PIPEDA / Bill C-27","body":"Government of Canada","jurisdiction":"Canada","status":"architecture_compliant","relevance":"Patient consent architecture and data minimization already implemented"},{"standard":"UK GDPR / Data Protection Act 2018","body":"ICO (UK)","jurisdiction":"United Kingdom","status":"architecture_compliant","relevance":"Same GDPR principles — patient sovereignty by design"},{"standard":"Australian Privacy Act 1988","body":"OAIC (Australia)","jurisdiction":"Australia","status":"architecture_compliant","relevance":"APPs 3,6,11 — consent, use, security — all covered"},{"standard":"LGPD","body":"ANPD (Brazil)","jurisdiction":"Brazil","status":"architecture_compliant","relevance":"Brazil GDPR equivalent — consent + security requirements covered"},{"standard":"PDPA","body":"PDPC (Singapore/Thailand)","jurisdiction":"SE Asia","status":"architecture_compliant","relevance":"Patient consent engine maps directly to PDPA requirements"},{"standard":"ISO 27001:2022","body":"ISO / IEC","jurisdiction":"Global","status":"roadmap","relevance":"Information security management — required by most non-US governments"},{"standard":"ICD-11","body":"WHO","jurisdiction":"Global","status":"roadmap","relevance":"WHO's current disease coding standard — supersedes ICD-10 globally"},{"standard":"SNOMED CT","body":"SNOMED International","jurisdiction":"Global (40+ countries)","status":"roadmap","relevance":"Clinical terminology used by NHS, Australia, Canada, EU, Singapore"},{"standard":"HL7 International Patient Summary (IPS)","body":"HL7 / ISO 27269","jurisdiction":"Global","status":"roadmap","relevance":"Cross-border patient record portability — WHO + EU mandate"},{"standard":"IHE Profiles (PIX/PDQ/XDS/XCA)","body":"IHE International","jurisdiction":"Global","status":"roadmap","relevance":"Patient identity cross-referencing for national health registries"},{"standard":"WHO SMART Guidelines / FHIR IG","body":"WHO","jurisdiction":"Global","status":"roadmap","relevance":"WHO's implementation framework for global health programs"},{"standard":"EN 13606 (EHR Communication)","body":"CEN/TC 251","jurisdiction":"European Union","status":"roadmap","relevance":"European EHR communication and information architecture standard"},{"standard":"NHS DSCR / SNOMED UK Edition","body":"NHS England","jurisdiction":"United Kingdom","status":"roadmap","relevance":"Required for NHS Digital supplier registration and G-Cloud listing"},{"standard":"DiGA (Digitale Gesundheitsanwendungen)","body":"BfArM (Germany)","jurisdiction":"Germany / EU","status":"roadmap","relevance":"Germany's fast-track digital health application certification"},{"standard":"My Health Record Act 2012","body":"ADHA (Australia)","jurisdiction":"Australia","status":"roadmap","relevance":"National patient record infrastructure — vendor partnership pathway"},{"standard":"FedRAMP Moderate","body":"GSA / NIST (US)","jurisdiction":"US Federal","status":"roadmap","relevance":"Required for VA, DoD, CMS federal contracts — signals rigor globally"}],"message":"MyRxWallet is built on privacy-by-design principles. AES-256-GCM encryption, patient-controlled keys, consent-gated access, and blockchain audit trails satisfy the core requirements of GDPR, PIPEDA, Australian Privacy Act, LGPD, and PDPA without architectural changes. ISO 27001 certification, SNOMED CT, ICD-11, and HL7 IPS are active roadmap targets."}