Organization Details
Identify the entity being assessed and the scope of this Security Risk Assessment.
Compliance Dashboard
Administrative Safeguards
45 CFR § 164.308 — Policies and procedures designed to manage the selection, development, implementation, and maintenance of security measures.
Physical Safeguards
45 CFR § 164.310 — Physical measures, policies, and procedures to protect electronic information systems and related buildings and equipment.
Technical Safeguards
45 CFR § 164.312 — Technology and related policies and procedures that protect electronic protected health information and control access.
Organizational Requirements
45 CFR § 164.314 — Standards for Business Associate contracts and arrangements ensuring ePHI is appropriately safeguarded.
Policies, Procedures & Documentation
45 CFR § 164.316 — Requirements for documenting policies and procedures and maintaining written records.
Policy Library
39 HIPAA policy document templates organized by safeguard category. Acknowledge each policy as your organization adopts it.
Workforce Training
Complete HIPAA security awareness training modules. Mark each module complete as your team finishes it.
Risk Register
Document identified threats and vulnerabilities, assess their likelihood and impact, and define your remediation strategy.
Gap Analysis
Controls that are not fully met. Use this view to prioritize your remediation roadmap.
Management Attestation
Executive sign-off certifying the accuracy of this assessment and authorizing the remediation plan.
I hereby attest that the information provided in this HIPAA Security Risk Assessment is accurate and complete to the best of my knowledge. I have reviewed the identified gaps, the associated risk levels, and the remediation plan. I authorize the execution of the proposed remediation activities and accept any residual risks documented herein.
Assessment History
Past assessments saved in your browser. Compare scores over time and track compliance trends.