> ## Documentation Index
> Fetch the complete documentation index at: https://docs.responsibleailabs.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# HIPAA

> AI content को HIPAA Privacy और Security Rules के against check करें। PHI handling, minimum necessary standard, BAA requirements, breach notification, और de-identification को cover करता है।

<Info>
  **Endpoint:** `POST /railscore/v1/compliance/check` | **Framework code:** `hipaa` | **Credits:** 5.0 प्रति call
</Info>

Health Insurance Portability and Accountability Act, sensitive patient health information को protect करने के standards establish करता है। Compliance check evaluate करता है कि क्या AI-generated content PHI को सही तरीके से handle करता है और HIPAA obligations पूरी करता है।

## Supported checks

| क्षेत्र             | Rule          | क्या check होता है                                                              |
| ------------------- | ------------- | ------------------------------------------------------------------------------- |
| PHI handling        | Privacy Rule  | Protected Health Information properly safeguarded है या नहीं                    |
| Minimum necessary   | 164.502(b)    | Access/disclosure आवश्यक चीज़ों तक सीमित है या नहीं                             |
| BAA requirements    | 164.502(e)    | Third-party sharing के लिए Business Associate Agreements referenced हैं या नहीं |
| Breach notification | 164.404-408   | Breach notification obligations को address किया गया है या नहीं                  |
| De-identification   | 164.514       | Data, Safe Harbor या Expert Determination standards को पूरा करता है या नहीं     |
| Patient rights      | 164.524-526   | PHI तक access का अधिकार, amendment requests                                     |
| Security safeguards | Security Rule | Administrative, physical, और technical safeguards                               |

## Request

```bash theme={null}
curl -X POST https://api.responsibleailabs.ai/railscore/v1/compliance/check \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_RAIL_API_KEY" \
  -d '{
    "content": "The patient diagnosed with Type 2 diabetes was referred to an endocrinologist.",
    "frameworks": ["hipaa"],
    "context": "Healthcare chatbot assisting clinical staff"
  }'
```

## Response

```json theme={null}
{
  "result": {
    "overall_compliant": false,
    "frameworks": {
      "hipaa": {
        "compliant": false,
        "issues": [
          {
            "clause": "164.502(b) — Minimum necessary standard",
            "description": "Response includes specific diagnosis information. Verify that the recipient requires this level of clinical detail.",
            "severity": "medium",
            "remediation": "Apply minimum necessary principle: only include PHI elements required for the specific use case. Consider de-identifying where possible."
          }
        ]
      }
    }
  },
  "credits_consumed": 5.0
}
```

## अन्य frameworks के साथ combine करें

EU में operate करने वाले healthcare AI के लिए, HIPAA को GDPR के साथ check करें:

```bash theme={null}
curl -X POST https://api.responsibleailabs.ai/railscore/v1/compliance/check \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_RAIL_API_KEY" \
  -d '{
    "content": "Patient records are stored in US-based cloud infrastructure.",
    "frameworks": ["hipaa", "gdpr"],
    "context": "Telemedicine platform serving US and EU patients"
  }'
```

<Note>
  PHI detection, de-identification verification, और BAA compliance tracking के लिए dedicated HIPAA endpoints development के under हैं।
</Note>
