What cloud platforms are supported?

The skill provides patterns and best practices applicable to AWS, Microsoft Azure, and Google Cloud Platform (GCP), with a focus on cloud-native and serverless services.

How does it help reduce PCI-DSS scope?

It provides strategies for tokenization and network segmentation that help isolate cardholder data environments, effectively reducing the overall audit scope.

Does it include GDPR-specific data controls?

Yes, it covers data residency controls for EU regions, mechanisms for the 'Right to Erasure', consent management, and Privacy by Design principles.

Can it assist with HIPAA-regulated healthcare applications?

Yes, it offers guidance on Business Associate Agreements (BAAs), PHI encryption at rest and in transit, and strict network isolation strategies for healthcare data.

How does this skill help with SOC 2 compliance?

It provides specific architectural requirements for encryption standards, access logging, least-privilege IAM policies, and documented change management procedures necessary for Type II audits.

Enterprise Compliance Architect

Name: Enterprise Compliance Architect
Author: Microck

byMicrock

•

Security & Testing

Architects secure, enterprise-grade cloud systems that meet SOC 2, HIPAA, GDPR, and PCI-DSS regulatory requirements.

The Compliance Architecture Expert skill provides specialized guidance for designing and maintaining systems in highly regulated industries. It offers a comprehensive framework for implementing technical controls across serverless and cloud architectures, specifically focusing on SOC 2 Type II, HIPAA, GDPR, and PCI-DSS standards. By providing actionable checklists, security misconfiguration warnings, and audit-ready patterns for AWS, Azure, and GCP, this skill helps development teams ensure data protection and regulatory alignment from the initial design phase through to production deployment.

Key Features

01SOC 2 Type II controls for serverless and SaaS environments

02Security misconfiguration warnings for IAM, S3, and Secrets Management

03PCI-DSS tokenization and network segmentation strategies

04HIPAA-compliant architecture patterns for healthcare data

0581 GitHub stars

06GDPR data residency and 'Right to Erasure' implementation guides

Use Cases

01Implementing GDPR-mandated data localization and deletion workflows

02Preparing a cloud-native SaaS application for a SOC 2 Type II audit

03Designing a HIPAA-compliant backend for medical data processing

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add microck/ordinary-claude-skills compliance-architecture

For use in Claude.ai and ChatGPT

Download Skill