Skip to main content
Patient Protect circular logo mark in purple and white used for site navigationPatient Protect

Public HIPAA infrastructure layer

The public HIPAA layer for independent healthcare.

Twenty-one production-grade tools, datasets, training modules, and reference materials — the diagnostic and educational layer that compliance vendors typically gate behind sales calls or $2,000-plus engagements. Given away because the practices that need HIPAA visibility most are the ones being priced out of it.

Free. No login. CC BY 4.0 on data and reference materials. MIT on code.

Unified Risk Assessment

A comprehensive HIPAA risk analysis combining compliance readiness, entity classification, practice profile, and ePHI data flow into a single risk score.

5 minutes to complete
No login required
Instant risk score
Actionable next steps

Democratizing access

The segment with the largest breach risk receives the least protection. This page starts to fix that.

Dental offices, medical practices, behavioral health clinics, chiropractic offices, physical therapy centers, optometry practices — the independent-healthcare segment operates under hospital-grade HIPAA obligations with a fraction of the budget. The compliance vendor market has responded by gating basic tools behind $2,000–$5,000 consultant engagements and hiding reference material behind sales calls. The result: the segment most exposed to breach is the segment least able to see the exposure.

We give it away. Twenty-one diagnostic tools, reference datasets, training modules, and open-source utilities — free, no login, no lead magnet, no stepping-stone to a demo call. If a solo dental practice needs to run a risk assessment tomorrow morning, this page is the answer. If a behavioral health clinic needs to check its ePHI data flow before an audit, this page is the answer. CC BY 4.0 on the data. MIT on the code. Public because it should be.

The paid Patient Protect platform is a fundamentally different offer.It runs the active security and infrastructure work most compliance vendors do not — continuous configuration monitoring, BAA scope enforcement, workforce access controls, breach simulation, incident response. That is where independent-practice compliance actually lives, and it is the work most often missing from vendors who charge multiples of what we do. The free tools show you where you stand. The platform closes the gaps. From $39/month, no contracts.

Read the full infrastructure-layer announcement →

The full inventory

21 production-grade resources. No login. No lead magnets.

Most compliance vendors publish in two or three of these disciplines, behind a sales contact form. We publish across all ten, without one.

See where you stand

Assessments and classification tools that reveal your actual compliance standing.

Map your exposure

Trace how patient data moves and where your infrastructure breaks down.

Quantify the damage

Estimate what a breach would actually cost your practice.

Stay informed

Live breach intelligence, news, and security awareness.

Train your workforce

Role-specific HIPAA training that meets the §164.530(b) standard.

Reference the rules

Definitions, regulatory citations, and research you can cite.

Open data and open source

Citable datasets, reference data on GitHub, and an MIT-licensed browser extension. Free to fork, query, or cite.

From free tools to a running program

Ready to start the real work?

The 21 free resources above show you where you stand. The paid Patient Protect platform runs the active security and infrastructure work most compliance vendors don't — continuous configuration monitoring, BAA scope enforcement, workforce access controls, breach simulation, and incident response. That is the work that actually closes exposure. From $39/month.

14-day free trial · Credit card required · Cancel any time