OnRamp’s 3-Step HIPAA Risk Management Process Helps You Understand How to Implement Your IT Environment in the Cloud in a Compliant Way.

HIPAA Risk Management Tool Overview

Collect Information. Assess Risk. Manage Risk.

OnRamp has developed a 3-Step HIPAA Risk Management Tool to easily diagnose, assess and manage any vulnerabilities and risks with implementing our customers’ IT infrastructure at OnRamp.

Accessible through OnRamp’s specialized healthcare portal, this proprietary online application was developed by OnRamp’s team of HIPAA experts as a “3-Step HIPAA Risk Management” process outlined in the steps below:

Watch Video

HIPAA Risk Management Tool

HIPAA Risk Management Tool Process

HIPAA Risk Management - Step 1 collect

Collect Information

The first step to diagnose, assess and manage any risks and vulnerabilities in implementing IT infrastructure at OnRamp is to collect information about your IT environment. This information forms the basis for the documentation required to meet HIPAA guidelines in the deployment of your IT infrastructure.

HIPAA Risk Management - Step 2 risk

Assess Risk

The answers provided in Step 1 are addressed in Step 2 in an effort to identify any risks and vulnerabilities to your data and systems hosted within your IT infrastructure at OnRamp. This section sorts each question and answer from Step 1 into categories related to HIPAA’s compliance requirements to ensure the confidentiality, availability and integrity of your data.

HIPAA Risk Management - Step 3 manage

Manage Risk

The final step in OnRamp’s HIPAA Risk Management Tool documents a plan for addressing any risks and vulnerabilities when working with OnRamp to maintain a HIPAA compliant environment. The output of this step forms the basis of a Business Associate Agreement that outlines the responsibilities of both OnRamp and you, the customer, to collaboratively ensure compliance.

HIPAA Risk Management Tool Outputs

Upon completion of the 3-step process, OnRamp’s HIPAA Risk Management Tool produces several important outputs:

HIPAA Risk Management Tool - Report

Summary Report

Upon completion of the 3-step process, the tool produces a PDF report summarizing all of the information collected through the process. This report is intended to be used as the basis for a more complete risk analysis of your HIPAA compliancy to demonstrate the significant steps being taken to manage e-PHI.

HIPAA Risk Management Tool - Diagram

System Diagram

The system characterization diagram is an illustration of your IT environment housed within OnRamp’s Data Centers. The diagram takes into account data-at-rest and data-in-motion as it interacts within your system and environment and helps evaluate how to appropriately provide availability and protect data from malicious activity.

HIPAA Risk Management Tool - BAA


The answers in Steps 1 and 2 form the basis for a Business Associate Agreement. The BAA is a legal document that delineates how a business associate, like OnRamp, works with a covered entity or business associate like your company to safeguard your e-PHI. Any change made to your environment will be reflected in a new BAA.

HIPAA Hosting Solutions

Secure, Compliant and Comprehensive HIPAA Hosting.

HIPAA Compliant Hosting is a reality for businesses that operate in or adjacent to the medical sector. If your company or customers interact in any way with sensitive patient data, don’t take any chances. Make sure you are HIPAA compliant today.

OnRamp’s team of HIPAA implementation experts will work with you to build a comprehensive, fully-compliant solution that addresses the confidentiality, availability and integrity of electronic protected health information (e-PHI).

Learn more about OnRamp’s HIPAA Hosting Solutions >

HIPAA Hosting Solution