From NPI to Inbox
In Minutes
Enter your NPI. The agent scans 73 compliance checkpoints, grades your practice across 10 weighted categories, writes a full report with HIPAA citations, and delivers it to your email. No portal. No login.
The Agent Pipeline
Enter your NPI
You provide your 10-digit National Provider Identifier. The agent queries the NPPES registry to pull your practice name, address, specialty, and website.
NPI is the universal key — no account creation, no signup form. The agent identifies your practice from the same registry CMS uses.
Agent scans 73 compliance checkpoints
The agent runs a comprehensive external scan across 10 categories: email authentication, SSL/TLS, security headers, application security, privacy compliance, network exposure, information leakage, breach history, DNS health, and infrastructure.
Every IP address is resolved and scanned independently. Multi-IP practices get per-IP results. The scan checks your bare domain, www subdomain, mail servers, and all public-facing infrastructure.
10-category weighted grading
Each finding is categorized and weighted. Email Security carries 35% of the total score. Application Security carries 13%. All 10 categories are scored 0–100 and combined into your HIPAA Agent Compliance Score™.
Cap rules prevent inflated grades: any HIGH-weight category below 40 caps your grade at D, and any below 20 caps it at F. Two or more HIGH categories below 50 also cap the grade at F.
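The weighting and cap rules above, worked through as an added example; this is not the product's code. Only the Email Security and Application Security weights and the three cap rules come from the page. The other eight weights, the set of HIGH-weight categories, and the letter thresholds are assumptions.

```python
# Added example, not the product's code. From the page: Email Security 35%,
# Application Security 13%, and the three cap rules. Assumed: the other eight
# weights, which categories are HIGH-weight, and the A-F letter thresholds.
OTHERS = ["SSL/TLS", "Security Headers", "Privacy", "Network", "Leakage",
          "Breach History", "DNS Health", "Infrastructure"]
WEIGHTS = {"Email Security": 0.35, "Application Security": 0.13,
           **{name: 0.065 for name in OTHERS}}   # constructed split of the rest
HIGH = ("Email Security", "Application Security")  # assumed HIGH-weight set
THRESHOLDS = [(90, "A"), (80, "B"), (70, "C"), (60, "D")]  # assumed
ORDER = "ABCDF"  # best to worst


def weighted_score(scores, weights=WEIGHTS):
    """Combine per-category 0-100 scores into one 0-100 score."""
    if set(scores) != set(weights):
        raise ValueError("scores and weights must cover the same categories")
    if abs(sum(weights.values()) - 1.0) > 1e-9:
        raise ValueError("weights must sum to 1.0")
    return sum(scores[c] * weights[c] for c in weights)


def letter(score):
    """Map a 0-100 score to a letter using the assumed thresholds."""
    return next((g for floor, g in THRESHOLDS if score >= floor), "F")


def grade_cap(scores, high=HIGH):
    """Best grade the cap rules allow, or None when no cap applies."""
    vals = [scores[c] for c in high]
    if any(v < 20 for v in vals) or sum(v < 50 for v in vals) >= 2:
        return "F"
    if any(v < 40 for v in vals):
        return "D"
    return None


def final_grade(scores, weights=WEIGHTS, high=HIGH):
    """Return (score, raw letter, final letter); a cap only ever lowers."""
    total = weighted_score(scores, weights)
    raw, cap = letter(total), grade_cap(scores, high)
    final = cap if cap and ORDER.index(cap) > ORDER.index(raw) else raw
    return round(total, 1), raw, final


def sample(email, appsec, rest=95):
    """Constructed scan result: every other category scores `rest`."""
    return {"Email Security": email, "Application Security": appsec,
            **{name: rest for name in OTHERS}}


if __name__ == "__main__":
    for s in (sample(95, 95), sample(30, 90), sample(45, 45, 100), sample(15, 100, 100)):
        print(final_grade(s))
```

With these assumed weights, a practice scoring 30 on Email Security and 90 or better everywhere else averages to a C but is reported as a D, which is the inflation the cap rules exist to stop.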
AI writes your compliance report
Your AI compliance officer analyzes every finding and writes a full compliance report. Each finding includes the specific HIPAA citation it violates, a severity rating, estimated fine exposure, and step-by-step remediation instructions.
This is not a template. The report is written specifically for your practice, referencing your infrastructure, your findings, and your compliance posture.
Report delivered to your inbox
The complete compliance report arrives as a PDF in your email. No portal to log into. No credentials to remember. Open it, read it, share it with your compliance officer or IT team.
The PDF includes your HIPAA Agent Compliance Score™, grade, all findings with citations, remediation steps, and a compliance timeline.
Monthly rescan with diff report
Every month, the agent rescans your practice and generates a diff report showing what changed. New findings, resolved findings, score changes, and grade movements — all tracked automatically.
You never have to remember to check. The agent monitors and reports. If something degrades, you know immediately.
73 Compliance Checkpoints
Across 10 categories, the agent examines every public-facing aspect of your practice.
Email Authentication
SPF, DKIM, DMARC, MX records, deliverability, BIMI, MTA-STS
SSL/TLS Configuration
Certificate validity, chain completeness, TLS versions, cipher suites, HSTS
Security Headers
CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy
Application Security
CMS detection, JS library vulnerabilities, SRI, mixed content, open redirect
Privacy & Compliance
Privacy policy detection, cookie consent, form analysis, HIPAA BAA hosting
Network Security
Port scanning (all IPs), RDP, SMB, LDAP exposure, firewall detection
Information Leakage
HTML comments, exposed paths, directory listing, error disclosure, robots.txt
Breach History
HHS breach portal cross-reference, Shodan InternetDB, deep breach databases
DNS Health
DNSSEC, CAA records, DNS zone transfer, subdomain enumeration, WHOIS
Infrastructure
Tech stack fingerprint, server headers, hosting provider, CDN, WAF detection
What the Report Includes
HIPAA Agent Compliance Score™
Your overall score (0–100) and letter grade (A–F) based on 10 weighted categories.
Per-finding HIPAA citations
Every finding references the specific HIPAA section it violates — §164.312(e), §164.308(a)(1), etc.
Severity ratings
Each finding is rated CRITICAL, HIGH, MEDIUM, or LOW based on exploitability and HIPAA impact.
Fine exposure estimates
Potential OCR fine ranges based on the tier of violation and number of affected individuals.
Remediation steps
Specific, actionable steps to fix each finding. Not generic advice — tailored to your infrastructure.
Compliance timeline
Month-over-month tracking of your score, grade, and finding count as the agent monitors your practice.
See It in Action
Enter your NPI and the agent does the rest. Your compliance report arrives in your inbox — no signup, no credit card, no portal.