When we started working on projects with HIPAA-related requirements more than a decade ago, we were overwhelmed by the number of questions we were being asked. It was hard to understand what the final list of things we had to do was, and what was critical, required, optional, or otherwise.
BasicHIPAA was created to help small organizations get their security house in order. After doing our interactive Security Risk Assessment (SRA) you will have a clear idea of what you have and what you are missing, in order to continually refine and improve your practices. You can use the SRA as a roadmap to guide you towards a security position that will reassure you and your customers that patient data is safe, and in the event of a breach, give you a formal document that shows security state as of a given date as well as improvements made over time.