# API Compliance & Audit Skill

Design compliant API patterns for GDPR, PCI-DSS, HIPAA, SOC2, and other regulatory frameworks.

---

## GDPR

### Data Subject Rights Endpoints

### Data Export Response

### Consent Record

---

## PCI-DSS

### Field Masking Rules

| Field | Storage | API Response | Logs |
|-------|---------|--------------|------|
| Card number (PAN) | Tokenised only | | Never log |
| CVV/CVC | Never store | Never return | Never log |
| Expiry date | Encrypted | only | Never log |
| Cardholder name | Encrypted | Masked | Never log |
| Bank account number | Tokenised | Last 4 digits only | Never log |

---

## HIPAA…
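The PCI-DSS masking table above, applied to a payment record before it is returned from an API or written to a log. This is an added example, not code from the skill itself; the concrete masking formats (initial-only cardholder name, last-4 bank account), the field names, the sample record and the raw-PAN guard are all assumptions, since the table only states the rule, not the format.

```python
"""Apply the PCI-DSS field masking table to API responses and log records."""
import re

# Constructed sample record (assumed field names); the PAN is already a token.
SAMPLE_RECORD = {
    "card_number": "tok_9f3a7c",
    "cvv": "123",
    "expiry": "12/27",
    "cardholder_name": "Jane Doe",
    "bank_account": "GB12 3456 7890 1234",
    "amount": 1999,
}

# "Logs" column: none of these fields may ever reach a log line.
NEVER_LOG = {"card_number", "cvv", "expiry", "cardholder_name", "bank_account"}
# "API Response" column: CVV is never returned.
NEVER_RETURN = {"cvv"}


def mask_name(name: str) -> str:
    """Assumed masking format: keep each word's initial, star the rest."""
    return " ".join(w[0] + "*" * (len(w) - 1) for w in name.split())


def last4(value: str) -> str:
    """Keep only the last four digits; everything else becomes '*'."""
    digits = re.sub(r"\D", "", value)
    return "*" * max(len(digits) - 4, 0) + digits[-4:]


def looks_like_raw_pan(value: str) -> bool:
    """Assumed guard: 13-19 digits (spaces/dashes allowed) is treated as a PAN."""
    digits = re.sub(r"\D", "", value)
    return bool(re.fullmatch(r"[\d\s-]+", value)) and 13 <= len(digits) <= 19


def build_api_response(record: dict) -> dict:
    """Apply the 'API Response' column; raise if a raw PAN slipped in."""
    out = {}
    for key, value in record.items():
        if key in NEVER_RETURN:
            continue  # CVV: never store, never return
        if key == "cardholder_name":
            out[key] = mask_name(value)
        elif key == "bank_account":
            out[key] = last4(value)
        elif key == "card_number" and looks_like_raw_pan(value):
            raise ValueError("raw PAN in record; storage must be tokenised only")
        else:
            out[key] = value  # expiry passed through: the page's format cell is blank
    return out


def redact_for_log(record: dict) -> dict:
    """Apply the 'Logs' column: drop every sensitive field outright."""
    return {k: v for k, v in record.items() if k not in NEVER_LOG}
```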