Skip to main content
Notifications
You're all caught up.
View all notifications
OnlyHIPAA

Documentation

Reference material for getting the most out of OnlyHIPAA.

API Reference
REST API for findings, assessments, remediation tasks, and integrations. Authentication, endpoints, response shapes, and code examples.
HIPAA Guide
Plain-language overview of the Privacy Rule, Security Rule, Breach Notification Rule, and what compliance actually requires.
BAA Template & Guidance
What a Business Associate Agreement must include, when you need one, and how to use ours.
Security & Trust
Certifications, encryption, access controls, and how we handle incidents.

Module help

Quick references for the main areas of the app — also reachable from the help icons inside the dashboard.

AI overview Assessments Evidence Risk Register Webhooks API Sherpa Compliance Score & Posture Auditor Packet Cross-Framework Coverage Policy Drafting Incident Triage Mock OCR Interview AI Suggestions Inbox Findings Remediation Comments & Collaboration Vendors & Business Associates Training Records Access Control Reviews Data Flow Map Physical Safeguards Compliance Calendar Change Log Control Frameworks Risk Analyses Webhook event catalog

Need help?

Email [email protected] for product questions or [email protected] for everything else.

OnlyHIPAA

Making HIPAA compliance accessible for every healthcare organization.

HIPAA SOC 2 NIST CSF

View our security posture →

Product

  • Frameworks
  • Sherpa AI
  • Risk Analysis
  • Compliance Operations
  • Reporting
  • Integrations & API
  • Pricing

Company

  • About Us
  • Team
  • Mission
  • Contact

Legal

  • Privacy Policy
  • Terms of Service
  • BAA Template
  • Security

Resources

  • Documentation
  • HIPAA Guide
  • Blog
  • Status Page

© 2026 OnlyHIPAA, Inc. All rights reserved.

OnlyHIPAA provides tools to assist with HIPAA compliance but does not constitute legal advice. Consult qualified legal counsel for specific compliance guidance.