ITNYC.com — IT Tech Support
Free Compliance ConsultationContact Us
HIPAA Privacy Rule

HIPAA Compliance Checklist & Security Risk Assessment

Score your practice against the HIPAA Security Rule, Privacy Rule, HITECH, and state breach notification laws.

Score your practice or covered entity against the HIPAA Security Rule administrative, physical, and technical safeguards.

No registration required to take the assessment. Save, email, or download a PDF report by registering.

Executive assessment covers

7 sections · 30 questions · ~10–15 min

Administrative Safeguards (§164.308)

Risk analysis, workforce policies, and assigned security responsibility.

6 questions

Physical Safeguards (§164.310)

Facility, workstation, device, and media controls.

4 questions

Technical Safeguards (§164.312)

Access control, audit controls, integrity, and transmission security.

7 questions

Business Associates

BAAs and ongoing oversight of vendors that touch PHI.

3 questions

Privacy Rule & Patient Rights

Notice of Privacy Practices, minimum necessary, patient access.

3 questions

Breach Notification (HITECH)

Risk assessment, individual, HHS, and media notification.

4 questions

Workforce Training

Initial and periodic HIPAA training for all workforce.

3 questions

Regulations referenced

HIPAA Privacy RuleHIPAA Security RuleHITECH Breach NotificationState health-data laws