The US Department of Health & Human Services now offers a security risk assessment tool to help guide health care providers in conducting risk assessments of their organizations’ HIPAA compliance. The software tool is designed to help organizations assess their information security risks under the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. The application, available for downloading at also produces a report that can be provided to auditors.

The website includes a user guide and tutorial video to help providers begin using the tool. Videos on risk analysis and contingency planning are available at the website to provide further context.??The tool is available for both Windows operating systems and iPads.