VS Code extension that generates SOX/FINRA/PCI-DSS-aware code documentation


compliancedoc-healthcare - Visual Studio Marketplace


compliancedoc-healthcare
compliance-documenter

3 installs | (1) | Free

Production-grade compliance-aware code documentation backend for healthcare (HIPAA, HITECH, HITRUST, CMS, OSHA, NIST and GDPR)

Installation

Launch VS Code Quick Open (Ctrl+P), paste the following command, and press enter.

compliancedoc Healthcare Compliance Documenter

compliancedoc Healthcare is a VS Code extension plus backend service for producing compliance-aware code explanations, documentation, refactoring guidance, and audit reports for healthcare software.

It analyzes selected code against configured frameworks such as HIPAA, HITECH, HITRUST, CMS, OSHA, NIST, and GDPR, then returns structured output that can be reviewed, copied, inserted into source code, and stored as audit evidence.

Output should be reviewed by a qualified compliance officer before it is relied on for regulatory submissions or production sign-off.

Contents

Product Overview

compliancedoc Features

Backend Features

Supported Compliance Frameworks

Core Workflows

Commands

API Surface

Plans and Limits

Product Overview

The project has two main parts:

| Part | Path | Responsibility |
| --- | --- | --- |
| VS Code extension | healthcare/documenter-extension | Captures selected code, manages sign-in, runs compliance actions, displays results, inserts generated docs, stores local history, and exposes commands/status UI. |
| Backend API | | Authenticates users, enforces quotas, queues generation jobs, stores documents and rules, handles billing, and serves audit/history endpoints. |

The extension sends selected code and metadata to the configured backend. The backend validates the request, applies the user's active compliance frameworks and rules, generates the result asynchronously, stores the document, and returns it to the extension.

compliancedoc Features

compliancedoc HD: Actions

compliancedoc HD provides four primary code-analysis actions:

| Feature | Output | Purpose |
| --- | --- | --- |
| Explain | Markdown | Plain-English explanation for compliance officers, auditors, and non-technical reviewers. |
| Document | JSDoc | Insertable compliance documentation block for the selected function or code path. |
| Refactor | Markdown plus code | Specific remediation guidance and a compliant refactored code example. |
| Audit | Markdown report | Formal audit-style report for internal review or regulatory preparation. |

Explain Code

Explains selected code in plain English for compliance officers, auditors, product owners, and other reviewers who do not want to read implementation details line by line.

Use this when you need to understand what a function does, what data it touches, and whether it appears to create compliance risk.

The output includes:

What the code does

Data handled and sensitivity classification

Compliance flags with rule references

Audit trail assessment

The explanation avoids developer-only shorthand where possible and calls out visible controls such as logging, authorization checks, validation, masking, encryption, or retention behavior. If a control is not visible in the selected code, the feature should treat it as missing or not evidenced.

Generate Docs

Generates permanent compliance documentation for the selected function. This feature is designed to produce a strict JSDoc block that can be inserted directly above source code and kept in version control as review evidence.

Use this when a regulated code path needs source-level documentation that explains its business purpose, regulatory context, data classification, audit expectations, and change-control concerns.

The extension validates and normalizes the returned block before insertion.

The generated documentation includes:

@function and @description

Compliance tags with rule codes and severity

Data classification, PII, PHI, and patient data notes

Risk level and audit-trail status

Parameters, return value, throws, and compliant usage example

If the AI response does not return valid JSDoc, the extension builds a fallback JSDoc block from the analysis so the user still receives insertable documentation.

For successful Document generations, the extension inserts the JSDoc above the selected function, preserves indentation, and replaces an existing adjacent JSDoc block when one is already present.
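The validate, fallback, and insert steps described above can be sketched as follows. This is an added illustration, not the extension's own code: the function names, the `analysis` object shape, and the sample source are assumptions. It treats the generated text as untrusted and accepts it only if it is a single comment block, so nothing after an early `*/` can land in the file as live code.

```javascript
// Added illustration; the helper names and the `analysis` shape are hypothetical.
// Constructed sample: a method that already has an adjacent JSDoc block.
const SAMPLE_SOURCE = [
  'class Records {',
  '  /**',
  '   * old doc',
  '   */',
  '  getPatient(id) {',
  '    return db.find(id);',
  '  }',
  '}',
].join('\n');

// Accept only one well-formed JSDoc block. An earlier "*/" would end the
// comment and leave the rest of the generated text as live code.
function isSingleJsDocBlock(text) {
  const t = String(text).trim();
  if (t.length < 5 || !t.startsWith('/**') || !t.endsWith('*/')) return false;
  return t.indexOf('*/') === t.length - 2;
}

// Fallback block built from analysis fields, with comment terminators and
// newlines neutralised so field values cannot break out of the comment.
function buildFallbackJsDoc(analysis) {
  const clean = (s) => String(s).replace(/\*\//g, '* /').replace(/\r?\n/g, ' ');
  return ['/**', ` * @function ${clean(analysis.name)}`,
    ` * @description ${clean(analysis.description)}`, ' */'].join('\n');
}

// Insert above line `fnLine` (0-based), matching its indentation and
// replacing a JSDoc block that ends on the line directly above.
function insertJsDoc(source, fnLine, generated, analysis) {
  const lines = source.split('\n');
  const block = isSingleJsDocBlock(generated)
    ? String(generated).trim() : buildFallbackJsDoc(analysis);
  const indent = lines[fnLine].match(/^\s*/)[0];
  const docLines = block.split('\n')
    .map((l, i) => indent + (i === 0 ? '' : ' ') + l.trim());
  let start = fnLine;
  if (fnLine > 0 && lines[fnLine - 1].trim().endsWith('*/')) {
    let i = fnLine - 1;
    while (i > 0 && !lines[i].trim().startsWith('/*')) i--;
    if (lines[i].trim().startsWith('/**')) start = i;
  }
  lines.splice(start, fnLine - start, ...docLines);
  return lines.join('\n');
}
```

A plain `/* ... */` comment above the function is left in place; only a block opening with `/**` is treated as existing JSDoc and replaced.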

Suggest Refactoring

Reviews the selected code for compliance gaps and proposes concrete remediation steps. Unlike Explain, this feature is developer-facing: it focuses on what should change and includes a refactored code example.

Use this before commit, during audit remediation, or when planning compliance-related technical debt work.

The output includes:

Compliance risks found

PII/PHI handling issues

Recommended changes

Refactored code

Changes requiring compliance officer...
