Free HIPAA Resources

It is my goal to see your organization thrive!

Security Risk Assessment Tool

HIPAA requires covered entities and business associates to conduct a risk assessment. A risk assessment ensures that your organization has correctly implemented the administrative, physical, and technical safeguards required by the Security Rule. The risk assessment, as well as the required subsequent reviews, helps your organization identify unknown risks. provides a downloadable security risk assessment tool. This tool will help your organization conduct a risk assessment. You can access the Security Risk Assessment tool by clicking this link.

HIPAA Security Risk Assessment Tool
HIPAA Security Risk Assessment

Using the SRA Tool to Conduct a HIPAA Security Risk Assessment

This course can be accessed for free by using the coupon
code FREE. You will learn important information about HIPAA compliance and explore the free SRA tool you can use to conduct a HIPAA Security Risk Assessment. Included in this course is the HIPAA  Compliance checklist. Download the checklist and use it to view your center from a compliance perspective. 

HIPAA Compliance Checklist

To help you view your organization through a compliance lens, download the HIPAA Compliance Checklist. You can download it in either English or Spanish. Use the HIPAA Compliance Checklist to evaluate your organization’s policies and procedures.

HIPAA Notice of Privacy Practices

Free Notice of Privacy Practices

Meeting the ongoing demands of compliance can be a challenge. Currently, the HIPAA Privacy Rule requires covered entities to provide a Notice of Privacy Practices to anyone who requests one, not just your clients. The Privacy Rule outlines the requirements that must be included in the notice.

The good news is that the Department of Health and Human Services provides one. Click this link to download an editable version in English or Spanish.  The notice contains the required information, but you will need to customize it for your center. Be sure to read the entire document and adjust names, titles, dates, etc.

Business Associate Agreement

HIPAA requires you to have a business associate agreement in place for each business associate your organization engages. A business associate is someone who performs a function or activity on behalf of, or provides certain services to, your organization that involve access by the business associate to your protected health information.

Click this link to visit the HHS site, copy the free business associate agreement, and customize it for your organization!

HIPAA Business Associate Agreement