See Pricing

HIPAA Security Risk Analysis

As a result of the changes driven by The HITECH (Health Information Technology for Economic and Clinical Health) Act, all Covered Entities and Business Associates must be compliant and completing a formal Security Risk Analysis is a crucial step in doing so. Enforcement of compliance has increased significantly over the last year and includes the following:

  • Mandatory Audits
  • Business Associates Must Comply With New Laws
  • Subcontractors Must Comply With New Laws
  • Non-compliance Fines Are Being Enforced
  • Stiffer Penalties
  • Jurisdiction Provided To State Attorneys General To File Civil Actions Against Violators

Because of this, it is more important now, than ever before, to build your organizations risk management program on a methodical and proven software solution.

Mock HIPAA Security Risk Analysis Software (Self-Assessment)

After working in HIPAA Security since 2006 in Health I.T. environments, we began focusing on the HIPAA Security Rule translating the complex requirements and rules into pragmatic, repeatable process. Married with medical workflow and real-world experience, HIPAA One was originally designed so many consultants could perform the HIPAA SRA process in a consistent and complete fashion improving quality. We took cues from the PCI industry’s best self-assessment questionnaires (PCI-SAQ) and incorporated these evolutions into our first release. Although it does help to have security experience to use HIPAA One®, it is designed so anyone with attention to detail can successfully complete the process. Reporting, documentation are all automated providing all the features spreadsheets don’t while providing build-in controls to ensure the process is complete and satisfies all requirements.

HIPAA One® is owned and developed by Modern Compliance Solutions, Inc.

We use HIPAA One® internally every day for our own clients.  We search for bugs, improvements and ways to make the software more intuitive.  All data centers are housed in the USA, data never leaves US shores.  Our development team is in Lindon, UT and is constantly testing and developing HIPAA One® to ensure the best and most-consistent end-user experience.  Here are some fundamentals of our software:

  • Simplicity:  After conducting hundreds of HIPAA Security Compliance and Risk Analysis, Steven Marco, Founder of HIPAA One®, dreamed of automating the reporting needed for each assessment.  Since 2012, HIPAA One® has been evolved to automate as much as is humanly possible.  The result is a workflow that focuses on the user  answering simplified questions, reviewing the results and involving others in their organization to help.  HIPAA One® is the one-stop shop for SRA, remediation planning and ongoing risk management activities.
  • Compliance:  Developed from the OCR’s Guidance on HIPAA Security  & OCR Audit Protocol, Texas House Bill 300, NIST SP 800-series, HSR Toolkit, HHS SRAT and HHS Spreadsheets our clients have 100% success in responding to OCR and Figliozzi audits.  We update the software each time a change in legislation, regulatory mandates and breach data trends are released.
  • Automation: Threat identification, threat agents, vulnerability analysis, likelihood, impact and risk calculations are all automated.  Add, simple Reflexive Question Engine (RQE), remediation plan, multi-user/departmental access, reporting and documentation retention.
  • Efficiency:  Small clinics can complete their own HIPAA Risk Analysis is less than one day, larger organizations will save days, weeks and months of mundane, time-consuming report-writing using HIPAA One®’s automation.
  • Resources:  Built-in HIPAA Compliance Features, answering “No” to any Policy and Procedure questions gives basic framework for developing your own documentation.  Contact our support team anytime at for extended support and service.