Assessment
Free HIPAA Self-Assessment for Independent Practices
Answer seven operational questions to see whether your practice has visibility gaps across ePHI flow, access proof, workforce training, incident response, vendor risk, and policy follow-through. No login, no email.
This is a readiness check, not a full HIPAA Security Risk Analysis. It shows whether your practice has the operational visibility needed before a deeper SRA.
What this 5-minute assessment evaluates.
ePHI flow visibility
Do you know where protected health information enters, lives, and exits your practice — and which vendors touch it along the way?
Access and audit proof
Can you show who accessed which patient record, when, and from where — without rebuilding it from memory?
Workforce training and acknowledgments
Is every staff completion timestamped and audit-ready, or stored in spreadsheets and email threads?
Vendor BAAs and policy follow-through
Are your active vendors covered by signed BAAs, and is policy acknowledgment tracked per staff member?
Next step: run the full risk assessment
Map your full HIPAA risk with the unified assessment
The unified risk assessment combines this readiness check with entity classification, practice profile analysis, and ePHI data flow mapping — all in one tool.
Check Your RiskReady to fix the gaps?
Turn your assessment into a compliance plan.
Patient Protect turns the gaps from this assessment into assigned compliance work: risk assessment, policy templates, vendor BAA tracking, workforce training, evidence trails, and ongoing visibility. Plans start at $39/month.
Start a 14-day trial. Credit card required for verification. No charge until the trial ends.
