HIPAA Risk Assessment

The Health Insurance Portability and Accountability Act (HIPAA) Security Rule requires that covered entities conduct a risk assessment of their healthcare organization. A risk assessment helps your organization ensure it is compliant with HIPAA’s administrative, physical, and technical safeguards. A risk assessment also helps reveal areas where your organization’s protected health information (PHI) could be at risk.  


For an overview on what a risk assessment may involve and how to guide your healthcare organization through the security risk analysis and risk management process, please view the following resources:

Risk Tool Intro

Before getting started in the security risk assessment tool, learn about the tool's basic navigation and features.

Risk Assessment

HIPAA requires practices to assess their PHI as part of their risk management process. Learn more about a risk assessment and how your practice can benefit.


It only takes a minute to lose PHI in an emergency or system failure! Learn more about HIPAA-required contingency planning and how it helps your practice protect PHI.

HIPAA Risk Assessment


Need a HIPAA & ARRA-HITECH compliance assessment to take the guess work out of the compliance equation?  We can review, assess and report upon vitally important elements of your risk management program including the contingency plan (disaster recovery), incident response plan, and your change control process.  Each is assessed for adequacy and conformance with compliance standards and safeguards.  

Results are captured in an easily understandable findings matrix with prioritized risk remediation recommendations.  Plus, get a safeguard roadmap to see you through the mitigation process and help ensure your conformance with the standards and safeguards.  You will also be provided with a custom risk reduction table that captures the ongoing mitigated risk environment. 

Contact us to ensure you receive the best outcomes. We're here to help.

  • Annual enterprise risk analysis

  • Annual privacy assessment

  • Annual vulnerability scan

  • HIPAA compliance report

  • HIPAA policies and procedures update

  • Disaster recovery plan review

  • Incident response plan review

  • Remediation advice and project management

  • Annual staff training and certification

  • Secure cloud-based client portal

  • Audit support

HIPAA Risk Assessment help

Educational material

It is extremely important to understand that a Meaningful Use #15 Security Risk Analysis is limited in scope and not designed to attain full HIPAA compliance.  A HIPAA compliance risk assessment is designed to attain full HIPAA conformance for your organization once remediation has been completed.

Click below to learn more about: