healthcare data breach
PHI exposure, EHR audit gap, DICOM exfil, HIPAA notification scoping. very specific evidence demands.
a guided path, not automation — each step opens a tool you run yourself; nothing uploads. progress is saved only in this browser.
wraps the healthcare breach — scope kit preset — drop DICOM + M365 audit + log gaps → access anomaly → baseline → custody gaps → redaction check → report
guided steps
- evidence manifest generator
hash PHI-bearing exports before any analysis — HIPAA notification scoping
- dicom medical imaging metadata forensic analyzer
DICOM metadata — patient identifiers + study access trail
- office365 audit log analyzer
EHR-adjacent M365 audit log for mailbox / file access
- log ingestion gap and silent host detector
detect gaps in log ingestion — actor may have disabled logging
- log file authenticity and integrity scorer
score log authenticity — tampered logs invalidate breach scope
- redaction quality verifier
verify PHI redactions before sharing breach notification drafts
- case report generator
draft a HIPAA notification scope report with access anomaly findings
suggested options · title: healthcare breach — scope assessment
when you're done
export a run summary — a small JSON record of which steps you marked done, your notes, and a self-hash so the record can't be silently altered. it is your reproducibility note, not a per-tool receipt: each tool emits its own input→output receipt when you run it.