No trial timer, no "request a demo," no card. Ward's free tier runs the entire Security Risk Assessment a small practice needs — and keeps your patient data on your own machine.
Free isn't a teaser tier. It's a genuine ONC-tool replacement that a clinic can rely on for its annual risk analysis.
Administrative, physical, and technical safeguards across the full HIPAA Security Rule, each question tied to its 45 CFR citation.
Seeded from the ONC content, each with plain-English guidance and a Required / Now-Required-2026 flag.
Rate each gap by likelihood × impact into Low / Moderate / High, ranked into a risk-management plan.
See which new mandatory items you've met and what's left — encryption, MFA, asset inventory, BA verification.
Track each business associate's ePHI access and BAA status, including the 2026 verification expectation.
Export a full SRA, executive summary, POA&M, and CSV risk register — or print an audit binder, all on-device.
Where the paid tiers start: cloud sync across devices, the full 2026 gap report with a tracked POA&M, policy/BAA/training management, the OCR audit binder, and the MSP multi-client console. The assessment itself is free, forever. See pricing →
Runs in your browser. No signup, no card, no PHI in anyone's cloud.
Launch the free SRA