Audit-ready data contracts for HIPAA, PCI, ISO 20022 and more

A data-quality check is useful. A *contract an auditor accepts* is a different thing — it also has to say how long the data is kept, how fresh it must be, and who owns it.

That's what certified contract templates are. They take a compliance pack's quality block and add the parts that live outside it:

• Retention — e.g. 6 years for HIPAA claims, 7 for ISO 20022 payments, 5 for AML/BSA.
• Freshness / SLA — how often the data must refresh, and the acceptable latency.
• Ownership — the responsible team and roles, in the contract itself.
• Certification — a stamp, the standard it follows, and a version you can track over time.

The result is a complete, schema-valid ODCS contract that's ready to hand to a reviewer.

Domains available today

• Healthcare — HIPAA Claims, HIPAA PHI De-identification, FHIR Patient
• Payments — PCI Cardholder Data, ISO 20022 Payments
• Financial crime — AML / BSA, KYC Customer Identity

How to use one

1. Open a certified pack — for example PCI Cardholder Data or AML / BSA.
2. In Download & Install, the ODCS button shows a green ✓ certified badge.
3. Download the contract — it comes with the quality block, retention, freshness, ownership, and certification already filled in.
4. Bind it to your physical tables and publish.

Same standard, same engines, but now with the compliance scaffolding your auditors expect — without writing any of it by hand.