# Privacy, Consent & Regulatory Compliance Lab
**Objective:** Build prompts that handle PII, consent, and regulatory rules.


## 1. Install & imports

In [None]:
!pip -q install openai

In [None]:
import os
from openai import OpenAI
client = OpenAI(api_key=os.getenv('OPENAI_API_KEY'))

## 2. Consent-gated prompt wrapper

In [None]:
def consented_chat(system_prompt, user_input, consent=False):
    if not consent:
        return '⚠️ User consent required.'
    messages=[{'role':'system','content':system_prompt},{'role':'user','content':user_input}]
    return client.chat.completions.create(model='gpt-3.5-turbo', messages=messages).choices[0].message.content


## 3. Regulatory compliance pattern (EU AI Act)

In [None]:
eu_act = ('Ensure outputs comply with EU AI Act: transparency, fairness, ' 
          'and human oversight for high-risk tasks.')
def compliant_chat(user_input):
    messages=[{'role':'system','content':eu_act},{'role':'user','content':user_input}]
    return client.chat.completions.create(model='gpt-3.5-turbo', messages=messages).choices[0].message.content


### Lab Tasks:
1. Simulate PII request (e.g. SSN) and enforce consent.
2. Build a prompt that refuses unlicensed medical advice.
3. Document compliance decisions.