feat: Domain YAML-Regeln (14 Regeln) + Field-Resolver fuer HR/Edu/HC

1. 14 neue YAML-Regeln in Kategorie K (Domain-Hochrisiko): - HR: 5 Regeln (Screening, Absagen=BLOCK, AGG, Bias, Performance) - Education: 3 Regeln (Noten, Minderjaehrige=BLOCK, Zugangssteuerung) - Healthcare: 4 Regeln (Diagnose, Triage, MDR=BLOCK, Gesundheitsdaten) 2. Field-Resolver: getHRContextValue(), getEducationContextValue(), getHealthcareContextValue() Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-12 22:35:48 +02:00
parent 0957254547
commit 352d7112c9
2 changed files with 297 additions and 1 deletions
--- a/ai-compliance-sdk/internal/ucca/policy_engine.go
+++ b/ai-compliance-sdk/internal/ucca/policy_engine.go
@@ -220,6 +220,7 @@ func (e *PolicyEngine) Evaluate(intake *UseCaseIntake) *AssessmentResult {
 		RiskLevel:               RiskLevelMINIMAL,
 		Complexity:              ComplexityLOW,
 		RiskScore:               0,
+		Intake:                  *intake,
 		TriggeredRules:          []TriggeredRule{},
 		RequiredControls:        []RequiredControl{},
 		RecommendedArchitecture: []PatternRecommendation{},
@@ -460,11 +461,97 @@ func (e *PolicyEngine) getFieldValue(field string, intake *UseCaseIntake) interf
 			return nil
 		}
 		return e.getRetentionValue(parts[1], intake)
+	case "employee_monitoring":
+		return intake.EmployeeMonitoring
+	case "hr_decision_support":
+		return intake.HRDecisionSupport
+	case "works_council_consulted":
+		return intake.WorksCouncilConsulted
+	case "hr_context":
+		if len(parts) < 2 || intake.HRContext == nil {
+			return nil
+		}
+		return e.getHRContextValue(parts[1], intake)
+	case "education_context":
+		if len(parts) < 2 || intake.EducationContext == nil {
+			return nil
+		}
+		return e.getEducationContextValue(parts[1], intake)
+	case "healthcare_context":
+		if len(parts) < 2 || intake.HealthcareContext == nil {
+			return nil
+		}
+		return e.getHealthcareContextValue(parts[1], intake)
 	}

 	return nil
 }

+func (e *PolicyEngine) getHRContextValue(field string, intake *UseCaseIntake) interface{} {
+	if intake.HRContext == nil {
+		return nil
+	}
+	switch field {
+	case "automated_screening":
+		return intake.HRContext.AutomatedScreening
+	case "automated_rejection":
+		return intake.HRContext.AutomatedRejection
+	case "candidate_ranking":
+		return intake.HRContext.CandidateRanking
+	case "bias_audits_done":
+		return intake.HRContext.BiasAuditsDone
+	case "agg_categories_visible":
+		return intake.HRContext.AGGCategoriesVisible
+	case "human_review_enforced":
+		return intake.HRContext.HumanReviewEnforced
+	case "performance_evaluation":
+		return intake.HRContext.PerformanceEvaluation
+	}
+	return nil
+}
+
+func (e *PolicyEngine) getEducationContextValue(field string, intake *UseCaseIntake) interface{} {
+	if intake.EducationContext == nil {
+		return nil
+	}
+	switch field {
+	case "grade_influence":
+		return intake.EducationContext.GradeInfluence
+	case "exam_evaluation":
+		return intake.EducationContext.ExamEvaluation
+	case "student_selection":
+		return intake.EducationContext.StudentSelection
+	case "minors_involved":
+		return intake.EducationContext.MinorsInvolved
+	case "teacher_review_required":
+		return intake.EducationContext.TeacherReviewRequired
+	case "learning_adaptation":
+		return intake.EducationContext.LearningAdaptation
+	}
+	return nil
+}
+
+func (e *PolicyEngine) getHealthcareContextValue(field string, intake *UseCaseIntake) interface{} {
+	if intake.HealthcareContext == nil {
+		return nil
+	}
+	switch field {
+	case "diagnosis_support":
+		return intake.HealthcareContext.DiagnosisSupport
+	case "treatment_recommendation":
+		return intake.HealthcareContext.TreatmentRecommend
+	case "triage_decision":
+		return intake.HealthcareContext.TriageDecision
+	case "patient_data_processed":
+		return intake.HealthcareContext.PatientDataProcessed
+	case "medical_device":
+		return intake.HealthcareContext.MedicalDevice
+	case "clinical_validation":
+		return intake.HealthcareContext.ClinicalValidation
+	}
+	return nil
+}
+
 func (e *PolicyEngine) getDataTypeValue(field string, intake *UseCaseIntake) interface{} {
 	switch field {
 	case "personal_data":
@@ -927,7 +1014,7 @@ func (e *PolicyEngine) calculateBetrvgConflictScore(intake *UseCaseIntake) (int,
 	}

 	// Factor 6: Scoring / Ranking of employees (+10)
-	if intake.Outputs.Rankings || intake.Outputs.Recommendations {
+	if intake.Outputs.RankingsOrScores || intake.Outputs.RecommendationsToUsers {
 		if intake.DataTypes.EmployeeData {
 			score += 10
 		}