Can it help reduce PCI DSS scope?

Absolutely. It offers tokenization strategies and network segmentation patterns specifically designed to minimize the Cardholder Data Environment (CDE) and simplify audits.

Is this skill suitable for SOC 2 preparation?

Yes, it includes detailed checklists for access logging, change management, and encryption controls required for successful SOC 2 Type II audits.

How does it handle GDPR requirements?

It provides implementation patterns for data residency, granular consent management, and 'Right to Erasure' (data deletion) procedures to meet European regulations.

Does this skill help with HIPAA-compliant cloud hosting?

Yes, it provides specific configurations for AWS, Azure, and GCP, including Business Associate Agreement (BAA) requirements and mandatory encryption standards for PHI.

What cloud providers are supported?

The skill covers best practices for all major cloud providers, including AWS, Microsoft Azure, and Google Cloud Platform, with a focus on managed services and serverless.

Compliance Architecture Expert

Name: Compliance Architecture Expert
Author: Microck

byMicrock

•

クラウドインフラストラクチャ

Architects enterprise-grade security and compliance frameworks for SOC 2, HIPAA, GDPR, and PCI-DSS across cloud and serverless environments.

The Compliance Architecture Expert skill provides specialized guidance for designing, implementing, and auditing cloud-native systems that must adhere to stringent regulatory standards. It offers technical checklists, security control patterns, and best practices for encryption, access management, and logging, helping development teams prepare for audits and maintain compliance for healthcare, fintech, and SaaS applications while maximizing operational efficiency.

主な機能

01SOC 2 Type II audit readiness and control implementation patterns

02HIPAA-compliant healthcare data system design and BAA requirements

0381 GitHub stars

04GDPR data residency, privacy-by-design, and erasure workflows

05PCI-DSS tokenization and network segmentation strategies

06Comprehensive production security checklists for serverless and cloud deployments

ユースケース

01Preparing a SaaS application for a SOC 2 Type II audit through automated evidence collection

02Designing a HIPAA-compliant serverless backend on AWS, GCP, or Azure

03Implementing GDPR-compliant data residency and 'Right to Erasure' capabilities

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add microck/ordinary-claude-skills compliance-architecture

For use in Claude.ai and ChatGPT

Download Skill