PHI Compliance Checker

Verified, Safe

Scans code and data for Protected Health Information (PHI) to ensure HIPAA compliance. Use when reviewing code that handles patient data, healthcare records, or medical information. Checks for 18 HIPAA identifiers, logs, encryption, access controls, and flags PHI in comments, test data, or configuration files.

By Skills Guide Bot
Security, Intermediate
1206/2/2026
Claude Code, Cursor, Windsurf
#phi #hipaa #compliance #healthcare #security

Our review

Scans code and data for Protected Health Information (PHI) to ensure HIPAA compliance.

Strengths

  • Comprehensive detection of all 18 HIPAA identifiers
  • Verifies encryption and access controls
  • Structured report with file location and PHI type

Limitations

  • May produce false positives on non-medical data
  • Does not automatically remediate findings
  • Requires basic HIPAA knowledge to interpret

When to use it

When reviewing code or datasets that contain patient health information or medical records.

When not to use it

For non-health related data or when HIPAA compliance is not a concern.

Security analysis

Safe
Quality score: 82/100

The skill is a static checklist for PHI identification in code review; it does not invoke any tools, execute code, or perform network operations. It presents no execution risk.

No concerns found

Examples

Scan for PHI in source code
Scan my project directory for any Protected Health Information (PHI) in source files, configuration files, and test data. List all findings with file path and identifier type.

Check logs for PHI exposure
Review the log files in ./logs/ for potential PHI exposure, especially patient names, SSNs, or medical record numbers.

Validate HIPAA compliance
Audit this healthcare application for HIPAA compliance: check for PHI hardcoding, encryption at rest and in transit, and access controls in the codebase.

name: phi-checker
description: Scans code and data for Protected Health Information (PHI) to ensure HIPAA compliance. Use when reviewing code that handles patient data, healthcare records, or medical information.

PHI Compliance Checker

Instructions

When checking for PHI, scan for these 18 HIPAA identifiers:

  1. Names
  2. Geographic data (addresses, zip codes)
  3. Dates (birth, admission, discharge, death)
  4. Phone numbers
  5. Fax numbers
  6. Email addresses
  7. Social Security numbers
  8. Medical record numbers
  9. Health plan beneficiary numbers
  10. Account numbers
  11. Certificate/license numbers
  12. Vehicle identifiers and serial numbers
  13. Device identifiers and serial numbers
  14. Web URLs
  15. IP addresses
  16. Biometric identifiers
  17. Full-face photographs
  18. Any other unique identifying number or code

Review Process

  1. Scan all files for hardcoded PHI
  2. Check logs for potential PHI exposure
  3. Verify PHI is encrypted at rest and in transit
  4. Ensure proper access controls exist
  5. Flag any PHI in comments, test data, or configuration files

Report Format

List each finding with file location, PHI type, and remediation recommendation.
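
As an added illustration (not part of the skill itself), the Python sketch below automates steps 1, 2 and 5 of the review process for the identifiers that have a recognisable text pattern, and returns findings as file location, PHI type and remediation. The MRN label format, the remediation wording and the sample files are assumptions constructed for this example.

```python
import ipaddress
import re

# Pattern-detectable subset of the 18 identifiers. Names, photographs and
# biometrics cannot be found by regex and still need manual review.
PATTERNS = {
    "Social Security number": re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b"),
    "Phone/fax number": re.compile(r"(?<!\d)\(?\d{3}\)?[ .-]\d{3}[ .-]\d{4}(?!\d)"),
    "Email address": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "IP address": re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b"),
    # Assumption: MRNs appear as a labelled 6-10 digit number, e.g. "MRN: 00482913".
    "Medical record number": re.compile(r"\bMRN[:#= ]*\d{6,10}\b", re.I),
}

def plausible(kind, m):
    """Drop matches that cannot be real, to cut false positives."""
    if kind == "Social Security number":
        area, group, serial = m.groups()
        # Area 000, 666 and 900-999, group 00 and serial 0000 are never issued.
        return not (area in ("000", "666") or area[0] == "9"
                    or group == "00" or serial == "0000")
    if kind == "IP address":
        try:
            ipaddress.ip_address(m.group())
        except ValueError:
            return False
    return True

def remediation(path):
    """Hypothetical recommendation text keyed on where the finding sits."""
    if path.endswith(".log"):
        return "mask or drop the field before it is logged"
    if "test" in path:
        return "replace with synthetic data"
    return "remove from source; load from an encrypted, access-controlled store"

def scan(path, text):
    """Return findings as (location, PHI type, remediation); the matched
    value is deliberately left out so the report does not copy the PHI."""
    return [(f"{path}:{n}", kind, remediation(path))
            for n, line in enumerate(text.splitlines(), 1)
            for kind, rx in PATTERNS.items()
            for m in rx.finditer(line) if plausible(kind, m)]

SAMPLE = {  # constructed content, not real patient data
    "app/config.py": 'SUPPORT = "help@clinic.example"\n# patient SSN 123-45-6789\nBUILD = "000-12-3456"\n',
    "logs/app.log": "2026-01-05 lookup MRN: 00482913 from 10.20.30.40\n2026-01-05 callback (555) 010-0142\n",
}

if __name__ == "__main__":
    for path, text in SAMPLE.items():
        for finding in scan(path, text):
            print(" | ".join(finding))
```

Version strings shaped like dotted quads will still be reported as IP addresses, so each finding needs a human decision before remediation.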
