Can I use this for HIPAA-regulated healthcare apps?

Yes, the skill includes guidance on PHI identifiers, administrative safeguards, and technical patterns for access logging and minimum necessary access policies.

Which compliance frameworks are covered by this skill?

The skill provides detailed guidance for SOC 2 (Security, Availability, Privacy), GDPR, HIPAA, PCI DSS, ISO 27001, and CCPA.

How does this help with SOC 2 audits?

It provides a comprehensive implementation checklist for Trust Service Criteria, covering security, availability, processing integrity, and confidentiality controls.

Does this skill provide actual code for GDPR compliance?

Yes, it includes implementation patterns for data subject request handlers, consent management records, and automated data retention enforcement.

SaaS Compliance Frameworks

Name: SaaS Compliance Frameworks
Author: melodic-software

bymelodic-software

•

セキュリティとテスト

Implements security controls and regulatory patterns for SOC 2, GDPR, HIPAA, and other SaaS compliance frameworks.

概要

This skill provides specialized guidance for developers building enterprise-grade SaaS applications that must adhere to strict security and privacy regulations. It offers actionable implementation patterns, checklists, and architectural guidance for major frameworks including SOC 2, GDPR, and HIPAA. By using this skill, teams can integrate best practices for encryption, access control (RBAC), and data lifecycle management directly into their development workflow, ensuring their software meets the rigorous demands of enterprise audits and international data laws.

主な機能

Comprehensive checklists for SOC 2 Type I and II security controls
Cross-framework control mapping to identify shared security requirements
5 GitHub stars
HIPAA-compliant PHI access logging and technical safeguard patterns
C# code snippets for managing consent and automated data disposal
GDPR implementation patterns for data subject rights and retention

ユースケース

Automating GDPR compliance features like data exports and deletion requests
Implementing technical safeguards and audit logging for healthcare applications
Architecting a new SaaS platform to meet SOC 2 security and availability criteria

概要

主な機能

Comprehensive checklists for SOC 2 Type I and II security controls
Cross-framework control mapping to identify shared security requirements
5 GitHub stars
HIPAA-compliant PHI access logging and technical safeguard patterns
C# code snippets for managing consent and automated data disposal
GDPR implementation patterns for data subject rights and retention

ユースケース

Automating GDPR compliance features like data exports and deletion requests
Implementing technical safeguards and audit logging for healthcare applications
Architecting a new SaaS platform to meet SOC 2 security and availability criteria