Free Tool — No Email Required

HIPAA Compliance Checker for SaaS

25 questions across the HIPAA Security Rule's three safeguard categories, calibrated for SaaS and digital-health startups acting as business associates. Get an instant scored gap report.

Your answers never leave this browser — scoring is 100% client-side

Your gaps, prioritized

Close these gaps in weeks, not quarters.

LukaGRC maps every item above to HIPAA Security Rule controls, generates the policies, and tracks the evidence — with a free 7-day trial.

Start free trial →

Or read the full HIPAA-for-SaaS guide →

Common questions

Is this HIPAA checker really free?

Yes — completely free and ungated. No email, no account, no credit card. Your answers never leave your browser; scoring runs entirely client-side.

Does completing this checklist make my company HIPAA compliant?

No. It identifies gaps against the HIPAA Security Rule's safeguard categories so you know where to focus. Compliance requires actually implementing the controls, documenting them, and maintaining them — there is no official HIPAA certification.

Who should use this checker?

SaaS and digital-health companies that store, process, or transmit Protected Health Information (PHI) on behalf of healthcare customers — i.e., business associates under HIPAA. It's calibrated for startups, not hospitals.

What are the three HIPAA safeguard categories?

The Security Rule groups controls into administrative, physical, and technical safeguards. This checker scores each separately so you can see where your weakest area is.

Where do my answers go?

Nowhere. This is a static page; answers are scored in your browser and never transmitted. Print the report if you want a record.
