Does this skill provide actual code for compliance?

Yes, it includes .NET/C# implementation patterns for critical compliance features like audit logging, data de-identification, and role-based field access.

Is it useful for risk assessments?

Yes, it provides a 6-step risk assessment framework covering scope definition, threat identification, and risk calculation (Likelihood × Impact).

What is the primary focus of the HIPAA Compliance skill?

It provides frameworks and implementation patterns for protecting Protected Health Information (PHI) and adhering to the HIPAA Security, Privacy, and Breach Notification Rules.

How does it handle data de-identification?

The skill provides guidance on the 'Safe Harbor' method, detailing all 18 identifiers that must be removed, along with validation logic for datasets.

Can this skill help with vendor management?

It includes detailed requirements and tracking structures for Business Associate Agreements (BAAs), ensuring all subcontractors meet compliance standards.

HIPAA Compliance Planner

Name: HIPAA Compliance Planner
Author: melodic-software

bymelodic-software

•

Security & Testing

Guides the development of HIPAA-compliant healthcare applications through PHI identification, security safeguards, and risk assessment frameworks.

The HIPAA Compliance Planning skill provides comprehensive architectural and procedural guidance for developers building software in the healthcare sector. It offers structured frameworks for identifying Protected Health Information (PHI), implementing technical safeguards like audit logging and encryption, managing Business Associate Agreements (BAAs), and conducting mandatory security risk assessments. By integrating compliance standards into the early stages of development, this skill helps teams reduce legal risks and ensure the privacy of patient data through production-grade implementation patterns.

Key Features

01Identification and de-identification guidance for the 18 HIPAA identifiers

02Structured frameworks for conducting HIPAA security risk assessments

03Technical safeguard implementation patterns for audit logging and encryption

04C#/.NET code patterns for 'Minimum Necessary' access control filters

0512 GitHub stars

06Templates and requirements for Business Associate Agreements (BAAs)

Use Cases

01Designing healthcare applications, patient portals, or medical device software

02Conducting annual security risk assessments and vulnerability analysis for ePHI

03Establishing secure data-sharing workflows with Business Associates and subcontractors

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add melodic-software/claude-code-plugins hipaa-compliance

For use in Claude.ai and ChatGPT

Key Features

01Identification and de-identification guidance for the 18 HIPAA identifiers

02Structured frameworks for conducting HIPAA security risk assessments

03Technical safeguard implementation patterns for audit logging and encryption

04C#/.NET code patterns for 'Minimum Necessary' access control filters

0512 GitHub stars

06Templates and requirements for Business Associate Agreements (BAAs)

Use Cases

01Designing healthcare applications, patient portals, or medical device software

02Conducting annual security risk assessments and vulnerability analysis for ePHI

03Establishing secure data-sharing workflows with Business Associates and subcontractors

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add melodic-software/claude-code-plugins hipaa-compliance

For use in Claude.ai and ChatGPT