Skip to main content
Notifications
You're all caught up.
View all notifications
OnlyHIPAA
← All documentation

Remediation

Remediation tasks are the concrete work that closes your findings — the "what we're doing about it" an auditor expects to see tracked.

Creating tasks

  • From a finding, use Add remediation task (or let Sherpa draft tasks from the finding's requirement and AI evaluation). Tasks created this way link back to the finding.
  • Standalone tasks can be created from the Remediation page with New task.

Each task has a title, description (steps + evidence to collect), an assignee, a due date, and a priority.

Tracking & status

  • Status: open → in progress → completed (or deferred). Overdue tasks are flagged on the list and on your dashboard.
  • Reminders: assignees get periodic reminder emails until a task is done.
  • Approval (optional): if a task requires approval, marking it complete sends it for an approver's review before it closes. Approvers see an "awaiting approval" count, and the task shows how long it's been waiting. If a submitted task sits unapproved past the 5-day SLA, the org's approvers get an escalation notification (re-sent at most weekly until it's actioned).

From task back to finding

A task's detail page shows the linked finding so you can jump back to the gap it closes. Closing all of a finding's tasks — with evidence — is how you resolve the finding.

OnlyHIPAA

Making HIPAA compliance accessible for every healthcare organization.

HIPAA SOC 2 NIST CSF

View our security posture →

Product

  • Frameworks
  • Sherpa AI
  • Risk Analysis
  • Compliance Operations
  • Reporting
  • Integrations & API
  • Pricing

Company

  • About Us
  • Team
  • Mission
  • Contact

Legal

  • Privacy Policy
  • Terms of Service
  • BAA Template
  • Security

Resources

  • Documentation
  • HIPAA Guide
  • Blog
  • Status Page

© 2026 OnlyHIPAA, Inc. All rights reserved.

OnlyHIPAA provides tools to assist with HIPAA compliance but does not constitute legal advice. Consult qualified legal counsel for specific compliance guidance.