HIPAA toolbox: security assessment tool

HIPAA Toolbox

This tool is designed to help Covered Entities (CEs) and Business Associates (BAs) perform a risk assessment to determine what they need to address in their security policies, procedures, and workforce training under the Health Insurance Portability and Accountability Act (HIPAA).  The information below must not be considered legal advice, a legal opinion, or a blueprint – there is no “one-size-fits-all” risk analysis.  Your organization’s characteristics and circumstances will affect whether the analysis is meaningful and satisfactory to achieve HIPAA compliance.