From domain-healthcare
Guides HIPAA compliance for healthcare systems handling PHI: technical/administrative/physical safeguards, BAA checklists, risk assessments, breach notifications.
How this skill is triggered — by the user, by Claude, or both
Slash command
/domain-healthcare:hipaa-complianceThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
- Designing or auditing encryption for PHI at rest and in transit
references/technical-safeguards.md — encryption (AES-256-GCM, TDE, envelope encryption), access controls (RBAC, break-glass, session timeout), audit controls, transmission security (TLS, mTLS)references/administrative-physical-safeguards.md — security officer designation, workforce training, access management workflows, incident response, contingency planning, risk analysis, physical facility and device controlsreferences/baa-risk-breach.md — BAA checklist for vendor onboarding, risk assessment methodology (8-step), breach notification procedures and HHS reporting timelinesnpx claudepluginhub rnavarych/alpha-engineer --plugin domain-healthcareProvides HIPAA compliance guidance for healthcare software developers on technical safeguards like encryption, access controls, audit logs. Reviews docs, generates policies, educates on rules.
Implements HIPAA Security Rule safeguards for ePHI: risk analysis, administrative/physical/technical controls, BAAs, and breach-notification readiness. Use for covered entities or business associates.
Activates HIPAA-specific overlay for healthcare privacy work, enforcing PHI guardrails, BAA checks, minimum necessary access, and audit trail requirements.