iiRecord
Agentic AI Atlas · HIPAA Compliance Audit
workflow:hipaa-compliance-audita5c.ai
II.
Workflow JSON

workflow:hipaa-compliance-audit

Structured · live

HIPAA Compliance Audit json

Inspect the normalized record payload exactly as the atlas UI reads it.

File · workflows/workflows/workflows-security-compliance-deep.yamlCluster · workflows
Record JSON
{
  "id": "workflow:hipaa-compliance-audit",
  "_kind": "Workflow",
  "_file": "workflows/workflows/workflows-security-compliance-deep.yaml",
  "_cluster": "workflows",
  "attributes": {
    "displayName": "HIPAA Compliance Audit",
    "workflowKind": "governance",
    "triggerType": "scheduled",
    "typicalCadence": "annually",
    "complexity": "cross-team",
    "description": "Audits systems handling protected health information (PHI) against HIPAA\nSecurity Rule and Privacy Rule requirements -- assessing administrative,\nphysical, and technical safeguards, reviewing access controls for ePHI,\nvalidating encryption at rest and in transit, auditing BAA coverage with\nthird-party vendors, and generating the compliance evidence package for\nexternal assessors. Excludes remediation implementation.\n"
  },
  "outgoingEdges": [
    {
      "from": "workflow:hipaa-compliance-audit",
      "to": "role:security-reviewer",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:hipaa-compliance-audit",
      "to": "role:cloud-architect",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:hipaa-compliance-audit",
      "to": "role:engineering-manager",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:hipaa-compliance-audit",
      "to": "skill-area:identity-security",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:hipaa-compliance-audit",
      "to": "skill-area:secrets-rotation",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:hipaa-compliance-audit",
      "to": "domain:security",
      "kind": "applies_to_domain",
      "attributes": {}
    },
    {
      "from": "workflow:hipaa-compliance-audit",
      "to": "domain:cybersecurity",
      "kind": "applies_to_domain",
      "attributes": {}
    },
    {
      "from": "workflow:hipaa-compliance-audit",
      "to": "responsibility:security-review",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:hipaa-compliance-audit",
      "to": "responsibility:run-security-scans",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:hipaa-compliance-audit",
      "to": "org-unit:security-team",
      "kind": "performed_by_org_unit",
      "attributes": {}
    },
    {
      "from": "workflow:hipaa-compliance-audit",
      "to": "org-unit:application-security-team",
      "kind": "performed_by_org_unit",
      "attributes": {}
    },
    {
      "from": "workflow:hipaa-compliance-audit",
      "to": "org-unit:engineering",
      "kind": "performed_by_org_unit",
      "attributes": {}
    }
  ],
  "incomingEdges": [
    {
      "from": "stack-profile:healthcare-hipaa-compliant",
      "to": "workflow:hipaa-compliance-audit",
      "kind": "follows_workflow"
    }
  ]
}