hipaa-validate

# /hipaa-validate - HIPAA Compliance Scanner $ARGUMENTS Scan a codebase for HIPAA compliance issues using pattern-matching heuristics. Detects PHI exposure in logs, missing audit trails, unencrypted transmission/storage, hardcoded patient data, access control gaps, and missing Business Associate Agreement references. Read-only — never modifies files. **Regulation basis**: 45 CFR Parts 160, 162, 164 (HIPAA Administrative Simplification, as amended through March 26, 2013). Covers Security Rule (§164.302-318), Privacy Rule (§164.500-534), Breach Notification Rule (§164.400-414), and enforcement penalties (§160.400-426). ## Usage ``` /hipaa-validate # Scan full project (developer mode — definitives only) /hipaa-validate src/ # Scan specific path /hipaa-validate --mode compliance # Full audit sweep including heuristic categories /hipaa-validate --severity high # Filter to HIGH findings only /hipaa-validate --keywords member,enrollee # Extend healthcare keyword list /hipaa-validate --output json # Structured JSON output for CI integration ``` **Modes:** - `developer` (default): Categories 1, 3, 4, 7, 8 — definitive regex matches only, low false-positive rate, suited for daily use - `compliance`: All 8 categories — includes heuristic checks (Cat 2, 5, 6) for audit sweep coverage, suited for pre-audit sweeps **Severity filtering:** `--severity high` shows only HIGH findings, `--severi...