Skill

checking-hipaa-compliance

Audits codebases, configurations, and docs for HIPAA compliance in healthcare apps, checking PHI protection, access controls, encryption, logging, and BAA adherence.

AWS

Bash

security

npx claudepluginhub jeremylongshore/claude-code-plugins-plus-skills --plugin hipaa-compliance-checker

Tool Access

This skill is limited to using the following tools:

ReadWriteEditGrepGlobBash(security:*)Bash(scan:*)Bash(audit:*)

Preview

Audit healthcare applications for HIPAA compliance, checking PHI data handling, access controls, encryption requirements, audit logging, and Business Associate Agreement adherence.

Supporting Assets

assets/README.mdreferences/README.mdscripts/README.md

SKILL.md

Similar Skills

performing-security-audits

1.9k

Conducts security audits on code, infrastructure, and configs: vulnerability scans (OWASP Top 10), compliance checks (HIPAA, PCI DSS, GDPR, SOC 2), cryptography reviews. Use for assessing security posture.

7 files6 tools

security-pro-pack

compliance-checker

Checks code against OWASP Top 10, CWE, NIST, PCI-DSS, HIPAA, GDPR, and secure coding practices. Generates compliance reports with checklists and gap analysis.

devkit

assess-hipaa

Conducts HIPAA compliance assessments for healthcare systems handling PHI, evaluating safeguards, PHI flows, risks, entity classification, and generating remediation reports.

2 tools

compliance-planning

Stats

Parent Repo Stars1853

Parent Repo Forks248

Last CommitApr 3, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Hipaa Compliance Checker

Audit healthcare applications for HIPAA compliance, checking PHI data handling, access controls, encryption requirements, audit logging, and Business Associate Agreement adherence.

Overview

This skill automates the process of identifying potential HIPAA compliance issues within a software project. By using the hipaa-compliance-checker plugin, it helps developers and security professionals proactively address vulnerabilities and ensure adherence to HIPAA guidelines.

How It Works

Analyze Request: Claude identifies the user's intent to check for HIPAA compliance.
Initiate Plugin: Claude activates the hipaa-compliance-checker plugin.
Execute Checks: The plugin scans the specified codebase, configuration files, or documentation for potential HIPAA violations.
Generate Report: The plugin generates a detailed report outlining identified issues and their potential impact on HIPAA compliance.

When to Use This Skill

This skill activates when you need to:

Evaluate a codebase for HIPAA compliance before deployment.
Identify potential HIPAA violations in existing systems.
Assess the HIPAA readiness of infrastructure configurations.
Verify that documentation adheres to HIPAA guidelines.

Examples

Example 1: Checking a codebase for HIPAA compliance

User request: "Check HIPAA compliance of the patient data API codebase."

The skill will:

Activate the hipaa-compliance-checker plugin.
Scan the specified API codebase for potential HIPAA violations.
Generate a report listing any identified issues, such as insecure data storage or insufficient access controls.

Example 2: Assessing infrastructure configuration for HIPAA readiness

User request: "Assess the HIPAA readiness of our AWS infrastructure configuration."

The skill will:

Activate the hipaa-compliance-checker plugin.
Analyze the AWS infrastructure configuration files for potential HIPAA violations, such as misconfigured security groups or inadequate encryption.
Generate a report outlining any identified issues and recommendations for remediation.

Best Practices

Specify Target: Always clearly specify the target (e.g., codebase, configuration file, documentation) for the HIPAA compliance check.
Review Reports: Carefully review the generated reports to understand the identified issues and their potential impact.
Prioritize Remediation: Prioritize the remediation of identified issues based on their severity and potential impact on HIPAA compliance.

Integration

This skill can be integrated with other security and compliance tools to provide a comprehensive view of a system's security posture. The generated reports can be used as input for vulnerability management systems and security information and event management (SIEM) platforms.

Prerequisites

Access to codebase and configuration files in ${CLAUDE_SKILL_DIR}/
Security scanning tools installed as needed
Understanding of security standards and best practices
Permissions for security analysis operations

Instructions

Identify security scan scope and targets
Configure scanning parameters and thresholds
Execute security analysis systematically
Analyze findings for vulnerabilities and compliance gaps
Prioritize issues by severity and impact
Generate detailed security report with remediation steps

Output

Security scan results with vulnerability details
Compliance status reports by standard
Prioritized list of security issues by severity
Remediation recommendations with code examples
Executive summary for stakeholders

Error Handling

If security scanning fails:

Verify tool installation and configuration
Check file and directory permissions
Validate scan target paths
Review tool-specific error messages
Ensure network access for dependency checks

Resources

Security standard documentation (OWASP, CWE, CVE)
Compliance framework guidelines (GDPR, HIPAA, PCI-DSS)
Security scanning tool documentation
Vulnerability remediation best practices