hipaa-compliance-guard

Audits HealthTech applications for HIPAA technical safeguards like encryption and audit logging. Use when reviewing healthcare infrastructure or ensuring PHI is handled according to legal security standards.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "hipaa-compliance-guard" with this command: npx skills add jorgealves/agent_skills/jorgealves-agent-skills-hipaa-compliance-guard

HIPAA Compliance Guard

Purpose and Intent

The hipaa-compliance-guard is a specialized auditing tool for the healthcare industry. Its goal is to provide a technical assessment of how well an application adheres to the HIPAA Security Rule, specifically focusing on the protection of Electronic Protected Health Information (ePHI).

When to Use

  • Architecture Reviews: Run during the design phase to ensure encryption and logging are planned.
  • Pre-Audit Self-Assessment: Use before a formal 3rd-party HIPAA audit to identify and fix low-hanging violations.
  • Infrastructure Changes: Run after modifying Terraform or Cloud scripts to ensure security groups or encryption haven't been compromised.

When NOT to Use

  • Real Patient Data: This tool should NOT be used on live databases containing PHI. It is for checking the systems that handle the data.
  • Legal Certification: Passing this audit does not mean you are "HIPAA Certified"; it means your technical configuration follows best practices.

Error Conditions and Edge Cases

  • Obfuscated Infrastructure: If cloud resources are created via manual console actions (ClickOps) instead of code, this tool cannot see them.
  • Custom Encryption: Proprietary or non-standard encryption methods may be flagged as warnings.

Security and Data-Handling Considerations

  • No PHI Access: The tool is designed to look at configurations, not data.
  • Local Analysis: Keep your infrastructure code local and run the scan within your trusted environment.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

python-security-scanner

No summary provided by upstream source.

Repository SourceNeeds Review
89-jorgealves
Security

gdpr-ccpa-privacy-auditor

No summary provided by upstream source.

Repository SourceNeeds Review
78-jorgealves
Security

license-compliance-auditor

No summary provided by upstream source.

Repository SourceNeeds Review
64-jorgealves
Automation

prompt-injection-scanner

No summary provided by upstream source.

Repository SourceNeeds Review
80-jorgealves