Printable HIPAA Risk Assessment

---

Organization Name: ___________________________
Date of Assessment: ___________________________
Assessor(s): ___________________________
Contact Information: ___________________________

---

This HIPAA Risk Assessment is designed to help healthcare organizations evaluate their compliance with HIPAA's security and privacy requirements. It encompasses a comprehensive examination of the organization's current policies, practices, and technical safeguards to ensure the protection of important patient information.

---

1. Administrative Safeguards

Control Area	Current Status	Risk Level (Low, Medium, High)	Mitigation Actions	Responsible Person
HIPAA Policies & Procedures
Workforce Training & Awareness
Risk Management Plan
Incident Response & Breach Notification

---

2. Physical Safeguards

Control Area	Current Status	Risk Level (Low, Medium, High)	Mitigation Actions	Responsible Person
Facility Access Controls
Workstation Use & Security
Device & Media Controls
Backup & Data Storage Security

---

3. Technical Safeguards

Control Area	Current Status	Risk Level (Low, Medium, High)	Mitigation Actions	Responsible Person
Access Control & Authentication
Data Encryption
Audit Controls & Monitoring
Transmission Security

---

4. Organizational Requirements

Control Area	Current Status	Risk Level (Low, Medium, High)	Mitigation Actions	Responsible Person
Business Associate Agreements (BAAs)
Security Incident Documentation
HIPAA Compliance Oversight

---

5. Risk Summary

Identified Risks	Risk Level (Low, Medium, High)	Likelihood	Impact	Mitigation Actions
Example: Inadequate employee training	High	High	High	Implement training program
Example: Unencrypted data storage	Medium	Medium	High	Apply encryption to all data storage systems

---

6. Overall Risk Level

Total Risk Assessment: (Low, Medium, High)
Date for Next Review: ___________________________

---

7. Signatures

Assessor Name	Signature	Date
[Your Name]		June 10, 2090

Assessment Templates @ Template.net