# HIPAA Agent > AI-powered HIPAA compliance officer for healthcare practices. Not software — an autonomous agent that scans, monitors, analyzes, and delivers compliance reports directly to your inbox. ## What HIPAA Agent Does HIPAA Agent is an autonomous AI compliance officer operated by Sentinel Health Compliance, LLC. It performs continuous HIPAA compliance monitoring for healthcare practices including medical offices, dental practices, behavioral health providers, and specialty clinics. The agent runs a multi-tool compliance scan against your practice's web infrastructure, analyzes findings against HIPAA Security Rule requirements (45 CFR §164.302–§164.318), generates an AI-written compliance report with specific remediation guidance, and delivers everything via email. No login required. No dashboard to manage. The agent does the work, the human receives the deliverables. ## Architecture: Zero-PHI Compliance HIPAA Agent operates a strict Zero-PHI (Protected Health Information) architecture. The agent scans infrastructure configurations, access logs, network ports, email authentication records, SSL certificates, and security headers. It does not read, ingest, process, or store the contents of emails, patient databases, or medical records. By operating outside the data layer, the agent eliminates the risk of a platform-initiated PHI breach while delivering comprehensive HIPAA compliance monitoring. ## Capabilities - Compliance Scanning: multi-tool automated scan covering email security (SPF, DKIM, DMARC), SSL/TLS configuration, application security, data exposure, access controls, network security, and more - HIPAA Agent Compliance Score™: 0-100 numerical score with A through F letter grade based on 10 weighted categories with specific HIPAA citation mapping - AI Compliance Reports: Claude-powered analysis with per-finding HIPAA section references, severity ratings, fine exposure estimates, and step-by-step remediation - Monthly Monitoring: Automated monthly rescans with diff reports showing what changed, what improved, and what needs attention - Breach Exposure Matching: Cross-references practice data against 852+ HHS breach reports to identify potential exposure - Security Risk Assessment: multi-tool scan + 27-question HIPAA-required risk assessment - Policy Generation: 24 HIPAA-required policy documents customized to the practice - Staff Training: Email-delivered training modules with quizzes and completion certificates - BAA Management: Business Associate Agreement tracking with automated expiration reminders - Evidence Packages: Compiled audit-ready documentation on demand ## Pricing | Plan | Price | What You Get | |------|-------|-------------| | HIPAA Monitor | $99/month | Compliance scan, AI report, Compliance Score™ tracking, monthly monitoring, breach alerts, SSL monitoring | | Security Risk Assessment | $499 one-time | multi-tool scan + 27-question HIPAA-required SRA, gap analysis, remediation plan | | HIPAA Compliance | $299/month | Everything in Monitor + SRA, 24 policies, staff training, BAA management, evidence vault, weekly intelligence briefing | ## How to Get Started Enter your NPI (National Provider Identifier) at https://hipaaagent.ai. The agent looks up your practice, runs a compliance scan, and shows your HIPAA Agent Compliance Score™ and findings. No signup required for the initial scan. To deploy the agent for ongoing monitoring, visit https://hipaaagent.ai/pricing. ## For Developers & AI Agents HIPAA Agent exposes its capabilities via multiple protocols for integration with other AI systems: - MCP Server: 5 tools available for Claude, ChatGPT, and other AI assistants (hipaa_scan, hipaa_grade, hipaa_breach_check, hipaa_findings, hipaa_report) - REST API: Full API for MSPs, insurance brokers, and enterprise integrations - Webhooks: Real-time compliance events (scan.completed, score.changed, finding.new, breach.match, baa.expiring) - NPI as Universal Identity: All agent interactions use NPI (National Provider Identifier) as the canonical identity key API & integration documentation: https://hipaaagent.ai/developers Agent card: https://hipaaagent.ai/.well-known/agent.json ## Security & Compliance - Zero-PHI Architecture: Metadata-only scanning with zero content ingestion - HIPAA Security Rule Alignment: Maps directly to 45 CFR §164.302–§164.318 - Email-First Delivery: No portals, no dashboards, no stored PHI in customer-facing systems - Automated Compliance: The agent operates autonomously — scanning, analyzing, reporting, and monitoring without human intervention ## Identity - Product: HIPAA Agent - Company: Sentinel Health Compliance, LLC - Website: https://hipaaagent.ai - Email: compliance@hipaaagent.ai - Social: @hipaaagent ## Contact For partnerships, API access, or enterprise inquiries: compliance@hipaaagent.ai