Free HIPAA Risk Assessment

A convergence of factors has led us to the ability to help small organizations get HIPAA compliant in 72 hours.  This includes risk assessment, staff training, and updated policies.

These factors are:

1. Automated on-line risk assessment tool

2. "Reasonable and appropriate" rule from HHS

3. Data analytics

4. 100% audit success

5. Meeting highest standards for risk assessments (NIST)

6.. Policy templates

7. On-line support from a HIPAA expert

8. On-line training for staff

The tool has been successfully used for thousands of HIPAA risk assessments.   By meeting the highest standards (NIST) for risk assessments 100% of clients who have been audited have passed the audit.  Analyzing the results has identified a large number of policies that do not apply to small organizations.The "reasonable and appropriate" rule from HHS establishes that you don't have to comply with policies that are reasonable and appropriate to your organization.

Based on the analytics and a survey of your company, we can inactivate policies that don't apply giving you a Jumpstart on the process of getting compliant and staying compliant.

Then we lead you through a process of editing a prioritized list of polices under the guidance of a HIPAA expert.  The first set consists of 8 security policies and 4 privacy policies.  The HIPAA expert, called a Helper, checks your edits and answers your questions.  

We schedule your staff for on-lne security awareness training and then perform a second updated risk assessment demonstrating your progress and you  have just achieved initial HIPAA compliance

To maintain your compliance you will be give monthly task lists of compliance activities including quarterly risk assessments.  All of your compliance activities are documented so that you can provide proof to any client, business partner, or regulator that you are compliant on an on-going basis.

This Jumpstart program starts at $249 for the initial process and $69.50 per month for the on-going training, policy updates, and risk assessments.  For more information go to or contact me at 


Add Your Comments

(not published)