HIPAA Compliance Engine

HIPAACompliance

45 CFR Part 164 gap assessment for your Microsoft 365 environment.
Audit-ready reports with CFR citations and safeguard breakdowns.

45 CFRPart 164

67Mapped Controls

17CFR Sections

3Safeguard Types

Assesses M365-observable HIPAA controls only. Organizational safeguards (workforce training, BAAs, physical facility controls) require separate programs.

Review

Understand Required vs. Addressable safeguards

Learn more

Assess

45 CFR Part 164 gap assessment with CFR citations

Run assessment first

Remediate

Remediation planning with CFR-referenced guidance

Assess first

Recent Assessments

No assessments yet

Run your first HIPAA assessment to see your compliance posture against 45 CFR Part 164 safeguards.

HIPAA Safeguard Categories

Required

Must be implemented. No alternatives accepted. Failure = direct violation.

Addressable

Must implement or document why not (and what equivalent measure is used).

Scoring

Required controls are weighted 2x in the overall compliance score.