Every plan includes unlimited staff, unlimited policies, and the full HIPAA checklist. Add on devices and monitoring when you're ready.
Solo practitioners & practices up to 5 staff. Everything you need to pass a first audit.
Multi-provider practices and therapy networks. Everything in Starter, plus what scales.
Multi-site healthcare orgs and DSOs. Custom contracts, custom rollout.
Expand beyond the compliance program. Priced per-device or per-practice, add or remove anytime.
Pre-configured, encrypted, shipped to your staff.
Managed detection & response on your endpoints.
Our team writes & reviews your policies with you.
Hands-on support if OCR comes knocking.
Correct. One practice, one price. Add unlimited staff to your plan. We believe compliance software shouldn't punish you for hiring.
Import it. hms. tracks every BAA you have, renewal dates, and countersignature status. No need to migrate everything at once.
Yes — HIPAA requires a designated Privacy & Security Officer. hms. gives that person the tools they need; we don't replace the role.
Your data stays. If you don't convert, we archive the program for 90 days so you can export it. No lock-in.
No — and that's intentional. We're HIPAA-only, by design. If you need multi-framework, Vanta or Drata will serve you better.