// hipaa.readiness

HIPAA Security Rule self-assessment for small healthcare practices — free, client-side only

// PRIVACY: This tool runs entirely in your browser.
Your answers are never sent to us, stored on any server, or shared with anyone. No network requests are made. The only optional outbound action is an email you choose to send to yourself.
// ABOUT THIS TOOL

This 15-question self-assessment checks your practice's readiness across the five domains of the HIPAA Security Rule. It takes about 5 minutes.

At the end you will receive a risk score, a per-domain gap breakdown with CFR citations, an estimated exposure range, and a routing recommendation to the right compliance resources.

Who it's for: dental, family medicine, mental health, and other small healthcare practices that handle electronic protected health information (ePHI).

// IMPORTANT DISCLAIMERS

Estimates are for education only. Not legal advice, not a guarantee of any penalty or cost. Consult qualified legal counsel for your specific situation.

This readiness check is NOT the required Security Risk Analysis under §164.308(a)(1)(ii)(A). Completing this quiz does not satisfy that regulatory requirement. The full SRA workbook is a separate deliverable available in our Advanced Suite.

// PRACTICE TYPE

Not scored — used only to route you to the right resources at the end.