HIPAA Security Rule Readiness Self-Assessment
FREE DOWNLOAD
11-page PDF · No email required · Direct download
NO EMAIL GATE
We don't gate this. Tap the button below and the checklist downloads to your device immediately. If you find it useful and want to talk about your results later, our number is right here.
11 pages · 8 questions · 10 minutes to complete
Built for Texoma contractors by the team in Durant
Want a 30-minute review with our team when you're done?
Could your crew get paid Friday?
For Texoma Contractors & Trades
A free 8-question readiness checklist built around the systems that pay your crew. Construction was the #1 ransomware target in early 2026 — most contractors have a backup but no one's tested it.
Covers backup, payroll, project files, email, mobile devices, vendors, plans, insurance
Takes 10 minutes to complete
Plain English — no compliance jargon
Includes scoring guide and clear next steps
#1
MOST-ATTACKED INDUSTRY
Construction held the #1 ransomware target spot in the U.S. in early 2026 per Bitdefender
88%
HIT SMBS
Of all ransomware breaches in 2025 involved small or midsize businesses per the Verizon DBIR
22 Days
AVERAGE DOWNTIME
When a construction company gets hit, plus $2.73M average recovery cost. Most don't survive it.
WHAT’S INSIDE
Eight Questions. Ten Minutes. Real Answers.
Each question references the specific regulatory citation (45 CFR 164.308 or 164.312), notes the proposed 2026 amendment changes where applicable, and includes a "what \"yes\" looks like" example with common gaps observed in independent practices.
QUESTION 01
Backup — Does It Actually Work?
When was the last time someone actually tested your backup by restoring a file? Not "we have a backup" — a real test.
QUESTION 02
Could You Still Make Payroll Friday?
If your office computer died tonight and QuickBooks was gone — walk through what would happen this Friday.
QUESTION 03
Where Are Your Project Files Really?
Bid documents, customer contracts, job photos — where do they live and who has access when someone leaves?
QUESTION 04
Email Security — The #1 Way In
90% of ransomware starts with a hacked email. Is your business email protected with MFA on every account?
QUESTION 05
Your Foreman's Phone — And What's On It
What devices access your business data — and what happens to that data when the phone is lost or the employee leaves?
QUESTION 06
Vendors and Subcontractors
Which vendors have access to your systems — and is that access tracked, time-limited, and revocable?
QUESTION 07
What's Your Plan If It Happens?
If you walked in Monday and the computers were locked with a ransom note — do you know who to call first, second, third?
QUESTION 08
Cyber Insurance — Real or Paper?
Do you have cyber insurance — and do you know what it actually covers and what controls it requires you to have?
Built In Durant. For Texoma.
Why we built this
Button 108 is a Durant-based managed IT and cybersecurity company serving dealerships, healthcare practices, construction firms, and small businesses across Texoma. HIPAA documentation and security are core service offerings — not adjacent capabilities. We sign a comprehensive Business Associate Agreement and produce documentation in the format your auditor or OCR investigator expects.
We built this assessment becausemost practice administrators we talked to had heard about the proposed 2026 amendments but had no way to know where their practice actually stood against the new requirements. The assessment is what we wish HHS had published when they proposed the rule.
No sales pitch in the document — just the actual assessment
Mapped to 45 CFR 164.308 and 164.312 with explicit citations on every question
Includes scoring guide so you know how serious your gaps are
Optional follow-up: a no-cost 30-minute review with our team
Already checked your backup recently?
If you went through the checklist and want a second opinion — or you just want someone to test your backup the right way — give us a call. Free 30-minute conversation. No commitment, no proposal pressure.