Free tool · No login · v1.0.0

HIPAA Security Risk Self-Assessment

A guided, 10-domain self-assessment that maps to the HIPAA Security Rule's administrative, physical, and technical safeguards. Answer 100 plain-English questions, then flag and rate your most likely risks — and get an instant, scored readiness report plus a risk profile you can act on internally or bring to a consultation. It's modeled on the methodology of the HHS/ONC Security Risk Assessment (SRA) Tool, in plain English.

~15–20 minutes · save as you go Private — scored in your browser · no account 100 questions · then flag & rate risks

The 10 HIPAA Security Rule domains covered

A Governance
B Risk Analysis
C Workforce & Training
D Access Control
E Devices & Network
F Audit & Monitoring
G Backup & Recovery
H Transmission & Cloud
I Vendors & BAAs
J Physical & Incident

Your answers stay on this device. Nothing is transmitted unless you choose to email your results at the end.