Compliance and Security
HIPAA Compliance Score
The HIPAA Compliance Score is a 0–100 number that summarizes your organization's HIPAA posture across four domains. It is available to organizations that have activated the HIPAA Basic or HIPAA Enhanced add-on and is visible in the compliance dashboard. The score updates as you complete BAA tracking, training, risk assessments, and policy controls.
What you'll learn
- How the compliance score is calculated
- What each of the four scoring domains covers
- How to take actions that improve your score
- Where to view the score in the platform
Scoring domains
The compliance score is made up of four equally weighted domains, each worth up to 25 points:
| Domain | Points | What it measures |
|---|---|---|
| BAA Status | 25 | Whether active BAAs are in place for all vendors that handle PHI on your behalf. |
| Training Compliance | 25 | Whether staff have completed required HIPAA training (tracked through the Training & Certification module). |
| Risk Assessment | 25 | Whether an annual risk assessment has been completed and is current. |
| Policy and Controls | 25 | Whether HIPAA-required policies and technical controls are documented and in place. |
Improvement actions
The compliance dashboard lists specific improvement actions for any domain where your score is incomplete. Examples include: adding a missing vendor BAA, enrolling staff in HIPAA training, completing the risk assessment checklist, or documenting a required policy.
Viewing the score
The compliance score is displayed as the headline metric on the HIPAA Compliance dashboard (Settings menu → HIPAA Compliance). The score is recalculated each time you take an action in any of the four domains. Only users with the tenant_admin role can view and manage the compliance dashboard.
Related articles
Can't find what you're looking for? Contact Support