Self-Assessment
Scored checklist across 6 compliance areas (38 items). Produces a compliance score and identifies your highest-risk gaps. Start here.
2 files: Word document (.docx) + CSV (Excel-importable)
HIPAA, the EU AI Act, FTC, TCPA, and state bar rules are catching up to AI faster than most businesses realize. This toolkit gives you every template, checklist, and framework you need to find and fix compliance gaps before regulators do.
Three regulatory forces are converging in 2026. Most businesses aren't ready.
If any of your AI tools are built by an EU-based provider or you serve EU customers, you're in scope. High-risk AI systems require conformity assessments, transparency documentation, and human oversight protocols. Fines up to 35M EUR.
HHS has clarified that AI systems processing PHI are subject to the full HIPAA Security Rule. AI chatbots collecting patient symptoms, appointment systems touching PHI, AI tools without BAAs - all enforcement targets.
California, New York, Florida, Texas, and Illinois have published AI-specific ethics guidance. Disclosure, supervision, and advertising requirements that most firms haven't addressed yet.
Built by a CISSP/CISM-certified security professional. Not a marketing agency running a checklist.
BAA AI addendum, AI Acceptable Use Policy, data handling procedures, PHI flow checklist, and vendor security questionnaire. Everything a healthcare practice needs.
5 documents
Readiness assessment, risk classification guide, documentation requirements, and phased compliance timeline through August 2026.
4 documents
State bar AI ethics guide (CA, NY, FL, TX, IL), UPL risk checklist, client disclosure templates, and advertising review checklist.
4 documents
AI marketing compliance guide, TCPA checklist for AI calls and texts (with state recording consent map), and ready-to-use consent collection templates.
3 documents
Step-by-step remediation playbook, issue tracker spreadsheet, and staff training outline. When you find gaps, this section tells you exactly how to close them.
3 documents + CSV tracker
Regulatory quick-reference card, AI tool inventory template, and data flow mapping guide. Keep these pinned for ongoing use.
3 documents
If you use chatbots, voice agents, AI scheduling, automated follow-ups, or AI-generated marketing - this is for you.
HIPAA compliance for AI chatbots, appointment systems, recall automation, review solicitation, and clinical decision support tools.
State bar ethics compliance, UPL risk from AI chatbots, client confidentiality in AI tools, AI advertising review, and engagement letter disclosures.
TCPA compliance for AI calls and texts, FTC rules for AI marketing, state contractor ad rules, and call recording consent.
EU AI Act readiness, FTC marketing compliance, consent management, vendor risk assessment, and AI governance frameworks that apply across industries.
This toolkit was built by a security professional, not a marketing agency.
Industry-recognized certifications in information security management and cybersecurity.
Active Information System Security Manager for a US Department of Defense contractor.
Specializing in the intersection of AI deployment and regulatory compliance for service businesses.
26 documents. 7 sections. Every framework you need.
Instant download. Professional Word documents (.docx) + CSV formats for easy customization.
No. This toolkit provides compliance frameworks and templates based on publicly available regulatory requirements. It is not legal advice. We recommend having your attorney review completed documents before relying on them.
Professional Word documents (.docx) and CSV files. Open in Microsoft Word, Google Docs, or LibreOffice. Import CSVs into Excel or Sheets. Easy to customize and fill in.
Start with the self-assessment (Section 01) - it tells you which sections are most relevant. Healthcare practices will focus on Section 02. Law firms on Section 04. Everyone needs Sections 01, 05, and 06.
At minimum, annually. Also when you add new AI tools, when regulations change (the EU AI Act has several phase-in dates through 2027), or after any AI-related incident.
Yes. We offer professional AI compliance audits for dental practices, HVAC companies, and law firms. Book a call to discuss your specific situation.
Already bought this toolkit? Use code SOLAS20 for 20% off any other product.
Handle CUI under DoD contracts? Get the full CMMC Level 2 documentation kit - SSP, POA&M, 14 policy templates, and evidence mapping for all 110 NIST 800-171 controls.
Turn weeks of security questionnaire responses into hours. 310+ pre-drafted answers for SIG, CAIQ, and common enterprise assessments.
Pre-built disclosure templates for SEC 8-K, NIS2, DORA, HIPAA, and state breach laws. Plus 3 tabletop exercise scenarios.
David A. Moline, CISSP | CISM
Your AI automation, built by someone who secures DoD systems.
The EU AI Act hits full enforcement in August 2026. HIPAA and FTC enforcement on AI is already active. Get compliant now.