HIPAA Scope de Subrat Lima

HIPAA Scope: Heuristic Risk Auditor

Manual heuristic scanner to identify HIPAA risk factors and client-side data leaks.

Technical Audits

• Transport Security: Verifies HTTPS protocol.
• Leak Detection: Identifies 3rd-party tracking pixels (Meta, Google, TikTok, etc.) that may transmit PHI.
• Legal Markers: Scans for Notice of Privacy Practices (NPP) and BAA terminology.
• Form Integrity: Detects data entry points and 3rd-party form destinations.

Implementation Details

• Manual Trigger: No background scripts. Consumes zero resources when not in use.
• Zero-Dependency: Pure vanilla JavaScript.
• Privacy: No data collection. All analysis happens locally on the client.

Disclaimer

Heuristic frontend analysis only. Identifies common technical red flags; does not substitute for legal counsel or comprehensive security auditing.