Health data privacy, clinical lab standards, fraud & abuse, and patient safety regulations for hospitals, clinics, and health systems. AuditDSS decomposes 84 regulations into 40,985 individually testable obligations across 18 jurisdictions with 4-axis risk scoring.
OIG, CMS, and OCR are pursuing larger penalties and broader investigations. The compliance gap you don't know about is the one that triggers an audit.
$2.6B
DOJ healthcare fraud recoveries (2023)
False Claims Act, Anti-Kickback, and Stark Law cases continue to dominate enforcement
$1.25M
Average HIPAA penalty
OCR has imposed penalties up to $16M for systemic Security Rule failures
Strict liability
Stark Law violations
No intent required — if the arrangement doesn't fit an exception, it's a violation. Period.
84
Regulations covered
4,192
Rules decomposed
40,985
Obligations scored
18
Jurisdictions
18 jurisdictions, 84 regulations
From HIPAA Privacy and Security Rules to FDA device manufacturing standards, from Anti-Kickback safe harbors to CLIA laboratory requirements — AuditDSS decomposes every regulation into independently testable obligations.
Score your HIPAA program, Stark Law arrangements, and Anti-Kickback compliance in a single assessment. Identify the gaps OIG will find in their next investigation.
FDA QSR (21 CFR 820) and 21 CFR 11 compliance scored at the obligation level. Know exactly which CAPA, design control, or electronic records requirement you're missing.
CLIA laboratory standards decomposed into 1,119 individual obligations. Personnel qualifications, proficiency testing, quality control — all scored and risk-ranked.
All 84 regulations applicable to healthcare, grouped by theme. Every regulation links to its detailed obligation breakdown.
HHS Office of Inspector General
Aged Care Quality and Safety Commission
Department of Health and Aged Care
Australian Health Practitioner Regulation Agency
Centers for Medicare & Medicaid Services
HHS Office for Civil Rights
Centers for Medicare & Medicaid Services
Care Quality Commission
Centers for Medicare & Medicaid Services
Centers for Medicare & Medicaid Services
Office of the Australian Information Commissioner
Autoridade Nacional de Proteção de Dados
California Attorney General / California Privacy Protection Agency
Cyberspace Administration of China
DIFC Commissioner of Data Protection
European Data Protection Board
Privacy Commissioner for Personal Data
Data Protection Board of India
Personal Information Protection Commission
Personal Information Protection Commission
Ministry of Transport, Communications and Information Technology
Saudi Data and AI Authority
Personal Data Protection Commission
Personal Data Protection Committee (PDPC)
UAE Data Office
Information Commissioner's Office
Information Regulator of South Africa
Cyber and Infrastructure Security Centre
Joint Committee of European Supervisory Authorities (EBA/ESMA/EIOPA)
Federal Trade Commission
Center for Internet Security
European Union Agency for Cybersecurity
National Institute of Standards and Technology
National Institute of Standards and Technology
New York Department of Financial Services
PCI Security Standards Council
Saudi Arabian Monetary Authority
Cybersecurity and Infrastructure Security Agency
General Services Administration
HITRUST Alliance
American Institute of Certified Public Accountants
Department of Justice
Department of Labor - Employee Benefits Security Administration
European Parliament and Council
US Department of Justice — FCPA Unit
Agence Française Anticorruption
Information Systems Audit and Control Association
Committee of Sponsoring Organizations of the Treadway Commission
Securities and Exchange Commission
Serious Fraud Office
Australian Securities and Investments Commission
European Parliament and Council
International Sustainability Standards Board
International Sustainability Standards Board
Securities and Exchange Commission
Safe Work Australia
European Parliament and Council
Occupational Safety and Health Administration
Occupational Safety and Health Administration
Health and Safety Executive
Fair Work Commission
Australian Border Force
Ministry of Human Resources and Social Development
Equality and Human Rights Commission
Advisory, Conciliation and Arbitration Service
Independent Anti-Slavery Commissioner
U.S. Department of Labor — Wage and Hour Division
U.S. Department of Labor — Wage and Hour Division
Equal Employment Opportunity Commission
National Cybersecurity Authority
National Cybersecurity Authority
National Cybersecurity Authority
National Cybersecurity Authority
National Cybersecurity Authority
Zakat, Tax and Customs Authority
American Institute of Certified Public Accountants
Center for Internet Security
Information Systems Audit and Control Association
Committee of Sponsoring Organizations of the Treadway Commission
Cloud Security Alliance
International Auditing and Assurance Standards Board
International Auditing and Assurance Standards Board
American Institute of Certified Public Accountants
American Institute of Certified Public Accountants
Answer a few questions about your business. Get a complete compliance program — policies, procedures, and operational forms — tailored to your risk profile and mapped to every obligation. Ready in minutes.
Healthcare Compliance Policy
Risk-calibrated · 10–15 sections
Operational Procedures
Step-by-step · Staff-ready
Forms & Checklists
Operational forms · Ready to use
Score your existing policies against 40,985 obligations — or generate a complete compliance program tailored to your business in minutes.