Privacy & Breach Risk Analysis

One comprehensive tool to help you address ALL the privacy requirements and demonstrate your commitment to protecting PHI.

Know You're Meeting HIPAA Privacy Requirements

The HIPAA Privacy Rule was enacted to ensure that individuals have access to their health information and that organizations comply with all the standards of the Privacy and Breach Notification rules. Privacy compliance is required, and it is associated with patient goodwill through transparent policies and adherence to ethics. To meet these demands, we designed the HIPAA One Privacy and Breach Notification Risk Analysis as a NIST-based gap assessment with next-generation features to simplify, automate, and highlight high-risk vulnerabilities with a real-world action plan.

Elevating your Privacy Compliance

HIPAA One Privacy and Breach Notification Risk Analysis (PBRA) is up to date with:

  • OCR Phase 2 HIPAA Audit Protocol as well as NIST-based Methodologies

    Updates are propagated automatically and immediately, ensuring always-current HIPAA, SAMHSA, and NIST regulations.

  • State Laws

    Arizona, California, Colorado, Hawaii, Louisiana, Minnesota, Montana, Missouri, Michigan, Nevada, New York, Tennessee, Texas, Washington, Wisconsin, and Wyoming state laws, with more to come. State laws supersede the Federal rules for healthcare.

  • 42 CFR Part 2 - Substance Use Disorder (SUD)

    We include the 2017, 2018, and 2020 Part 2 amendments from the Substance Abuse and Mental Health Services Administration (“SAMHSA”).

  • Best Practices

    Delegate survey questions across any number of locations ensuring consistency for handling Privacy issues.  

  • Health Insurance, Health Care and Business Associate profiles

    Customized surveys for your organization's responsibilities under the HIPAA Privacy Rule.  

  • Simple. Automated. Affordable.

    HIPAA One automates 82% of mundane, labor-intensive and error-prone processes. This boosts real productivity through collaboration and real-time compliance tracking.

HIPAA One Compliance Seal


Once you have completed your Privacy and Breach Analysis, you may display the HIPAA One® Certified Compliant Seal on your website. This Compliance seal assures visitors that your organization has completed the necessary steps to work towards HIPAA compliance. Please contact us at for your Compliance Seal and Certificate to include on your organization's website.

Privacy and Breach Risk Assessment Engagement Types


Independently Conduct your Risk Assessment. Our Self PBRA Includes: 

  • Kick-off call
  • Assessor support
  • Access to policy and procedure template library
  • Customer independently conducts assessment and remediation planning
  • Customer Signs Final report

Facilitated Remote Assessment

Online Assistance to Conduct your Risk Analysis. Our Facilitated Remote PBRA Includes: 

  • Kick-off call
  • Assessor support
  • Access to policy and procedure template library
  • Assessment responses and remediation plan reviewed by Assessor
  • Assessor signs final report

Validated Assessment

Assessor-led Risk Assessment. Our Validated PBRA Includes: 

  • Evidence-based findings validated by Assessor
  • Historical trend analysis of previous HIPAA PBRAs
  • Access to policy and procedures template library
  • Physical walk-through guidance
  • Executive and technical presentation
  • HIPAA Security Risk Assessment (optional)

Every Privacy and Breach Risk Assessment incorporates the OCR Audit Protocol, HIPAA state-specific regulations, and 42 CFR Part 2 (SAMHSA), and maps findings to the NIST Privacy Framework.

Organization-Specific Privacy Profiles

Based on NIST 800-series methodologies, all HIPAA One software options cover OCR’s current Audit Protocol. We also make a “best effort” to include all state-specific privacy laws, which are more stringent than the federal rule. To ensure your organization has the relevant requirements, we have 3 distinct profiles to meet your needs:

  • Business Associates

  • Health Insurance Plans

  • Health Care

Regardless of your organization’s type, this is the comprehensive tool to provide step-by-step guidance on how to meet the privacy requirements and be compliant.










Let HIPAA One do the heavy lifting for your company when it comes to compliance. Make us part of your team to stay up to date, stay automatically compliant, and most importantly, protect your clients' information.


Join Us in Our Mission to Simplify HIPAA Compliance!
