HIPAA Risk Assessment

A. Are your devices (including USB drives) encrypted for data at rest and in motion?

B. Do you have a policy on accessing and sharing of passwords?

C. Does your business have signed Business Associate agreements?

D. Have all workforce members completed mandatory security training?

E. Do you require employee passwords to change every 90 days?