It is my goal to help your organization thrive. 

Providing free resources is one way I achieve this goal. When a valuable resource is located; information and links will be posted here. Be sure to check back often and save this page to your favorites.

Free Security Risk Assessment Tool

HIPAA requires covered entities and business associates to conduct a risk assessment. The risk assessment ensures that your organization has correctly implemented the administrative, physical, and technical safeguards required by the Security Rule. The risk assessment, as well as the required subsequent reviews, helps your organization identify unknown risks. provides a downloadable security risk assessment tool. This tool will help your organization perform the daunting task of conducting a risk assessment. You can access the Security Risk Assessment tool by clicking this link.

Write your awesome label here.
Write your awesome label here.

How to Use the SRA Tool to Conduct a HIPAA Security Risk Assessment. 

This course can be accessed for free for a limited by using coupon code FREE.

This course provides you with important information about HIPAA compliance and introduces you to the free SRA tool you can use to conduct a HIPAA Security Risk Assessment. 

Included in this course is the HIPAA Compliance Checklist. Download the checklist and use it to view your center from a compliance perspective.

Free Business Associate Agreement

HIPAA requires you to have a business associate agreement in place for each business associate your organization engages. Recall that a business associate is someone who performs a function or activity on behalf of, or provides certain services to, your organization that involve access by the business associate to your protected health information. This definition does not include a person (employee or volunteer) in your workforce. HIPAA  generally requires covered entities to enter into contracts with their business associates to ensure that the business associate appropriately safeguards protected health information.

Getting business associate agreements in place for all your business associates might seem like a steep hill to climb, but HHS offers a free business associate agreement. Click the link to visit the HHS site, copy the free business associate agreement, and customize it for your organization!

Also, you might find that many business associates already have a business associate agreement. If this is the case, have the agreement reviewed by your center's legal team to ensure it meets all the requirements of HIPAA. Maintain a copy of the agreement as part of your ongoing compliance documentation.

Write your awesome label here.
Write your awesome label here.

Free Notice of Privacy Practices

Meeting the ongoing demands of compliance can be a challenge. Currently, the HIPAA Privacy Rule requires covered entities to provide a Notice of Privacy Practices to anyone who requests one, not just your clients. The Privacy Rule outlines the requirements that must be included in the notice. The good news is that the Department of Health and Human Services provides one. Click this link to download an editable version in English or Spanish.  The notice contains the required information, but you will need to customize it for your center. Be sure to read the entire document and adjust names, titles, dates, etc.

Created with